Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.
The price of this solution is negotiable, depending on the size of the organization.
Coverity is quite expensive.
The price of this solution is negotiable, depending on the size of the organization.
Coverity is quite expensive.
OWASP Zap is a powerful tool used for security and vulnerability testing of applications. Its primary use case includes scanning pipelines, dynamic testing, penetration testing, and vulnerability scanning. OWASP Zap's most valuable functionality is its ability to scan and fix vulnerabilities, provide clear explanations in reports, and discover more vulnerabilities compared to other tools. It helps organizations by improving application security, reducing the need for external testers, and strengthening overall security.
It is highly recommended as it is an open source tool.
It's free and open, currently under the Apache 2 license. If ZAP does what you need it to do, selling a free solution is a very easy.
It is highly recommended as it is an open source tool.
It's free and open, currently under the Apache 2 license. If ZAP does what you need it to do, selling a free solution is a very easy.
SonarCloud is a cloud-based alternative of the SonarQube platform, offering continuous code quality and security analysis as a service. SonarCloud integrates seamlessly with popular version control and CI/CD platforms such as GitHub, Bitbucket, and Azure DevOps. It provides static code analysis to identify and help remediate issues such as bugs and security vulnerabilities. SonarCloud enables developers to receive immediate feedback on their code within their development environment, facilitating the maintenance of high-quality code standards, and promoting a culture of continuous improvement in software development projects. It helps produce software that is secure, reliable, and maintainable. SonarCloud is free for open-source projects and is offered as a paid subscription for private projects, priced per lines of code.
The price of SonarCloud could be less expensive. We are using the community version and the price should be more reasonable.
I am using the free version of the solution.
The price of SonarCloud could be less expensive. We are using the community version and the price should be more reasonable.
I am using the free version of the solution.
Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
Acunetix was around the same price as all the other vendors we looked at, nothing special.
The costs aren't very expensive. It costs around $3000 or $4000.
Acunetix was around the same price as all the other vendors we looked at, nothing special.
The costs aren't very expensive. It costs around $3000 or $4000.
Fortify WebInspect is an automated DAST solution that helps security professionals and QA testers uncover security vulnerabilities and configuration concerns by providing complete vulnerability detection. This is accomplished by mimicking real-world external security attacks on a live application in order to discover and prioritize concerns for root-cause study. Fortify WebInspect provides a number of REST APIs for easier integration, as well as the ability to be maintained via an intuitive UI or totally automated.
It’s a fair price for the solution.
The pricing for this solution is good.
It’s a fair price for the solution.
The pricing for this solution is good.
Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.
We never had any issues with the licensing; the price was within our assigned limits.
It is competitive in the security market.
We never had any issues with the licensing; the price was within our assigned limits.
It is competitive in the security market.
The licensing for Seeker is user-based and for 50 users I believe it costs about $70,000 per year.
The licensing for Seeker is user-based and for 50 users I believe it costs about $70,000 per year.
Cycode is the industry’s first source code control, detection, and response platform. Its Source Path Intelligence engine seamlessly delivers comprehensive visibility into all of your code and automatically detects and responds to anomalies in its access, movement, and usage.