• Home
  • Coverity vs. PortSwigger Burp Suite Professional

Coverity vs PortSwigger Burp Suite Professional comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Coverity
Read 34 Coverity reviews
17,229 views|11,225 comparisons
89% willing to recommend
PortSwigger Logo
PortSwigger Burp Suite Professional
Read 57 PortSwigger Burp Suite Professional reviews
8,300 views|5,212 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Coverity vs. PortSwigger Burp Suite Professional
May 2024
Executive Summary

We performed a comparison between Coverity and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. PortSwigger Burp Suite Professional Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Infinity Chen
A good and stable solution that has significant software security feature for detecting potential risks
This product improves functionality and efficiency. We cannot find any issues in the early stages.
Rahul Singh Patel
A solution for scanning and to automate API security assessments
The solution helps to automate API security assessments. It incorporates features of both black hat and red team engagements. We streamline bug... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We were very comfortable with the initial setup.""The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans.""The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code.""It provides reports about a lot of potential defects.""The interface of Coverity is quite good, and it is also easy to use.""It is a scalable solution.""The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution.""The product is easy to use."

More Coverity Pros →

"This tool is more accurate than the other solutions that we use, and reports fewer false positives.""The solution helped us discover vulnerabilities in our applications.""This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps.""It's good testing software.""The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool.""It is useful for scanning and tracing activities.""The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools.""Enables automation of different tasks such as authorization testing."

More PortSwigger Burp Suite Professional Pros →

Cons
"SCM integration is very poor in Coverity.""Its price can be improved. Price is always an issue with Synopsys.""The reporting tool integration process is sometimes slow.""Reporting engine needs to be more robust.""Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code.""They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier.""The tool needs to improve its reporting.""Coverity takes a lot of time to dereference null pointers."

More Coverity Cons →

"It would be good if the solution could give us more details about what exactly is defective.""Improvement should be done as per the requirements of customers.""The technical support team's response time is mostly delayed and should be improved.""If we're running a huge number of scans regularly, it slows down the tool.""The Auto Scanning features should be updated more frequently and should include the latest attack vectors.""PortSwigger Burp Suite Professional could improve the static code review.""The solution’s pricing could be improved.""There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."

More PortSwigger Burp Suite Professional Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

  • "This is a value for money product."
  • "The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees."
  • "Our licensing cost is approximately $400 USD per year."
  • "The yearly cost is about $300."
  • "There is no setup cost and the cost of licensing is affordable."
  • "Licensing costs are about $450/year for one use. For larger organizations, they're able to test against multiple applications while simultaneously others might have multiple versions of applications which needs to be tested which is why we have the enterprise edition."
  • "There are different licenses available that include a free version."
  • "At $400 or $500 per license paid annually, it is a very cheap tool."

    • More PortSwigger Burp Suite Professional Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    Is OWASP Zap better than PortSwigger Burp Suite Pro?
    Top Answer:OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with… more »
    Read all 3 answers   →
    What do you like most about PortSwigger Burp Suite Professional?
    Top Answer:The solution helped us discover vulnerabilities in our applications.
    Read all 42 answers   →
    What is your experience regarding pricing and costs for PortSwigger Burp ...
    Top Answer:I rate the pricing a ten out of ten. There are no additional costs associated with the product.
    Read all 36 answers   →
    Ranking
    4th
    out of 71 in Static Application Security Testing (SAST)
    Views
    17,229
    Comparisons
    11,225
    Reviews
    22
    Average Words per Review
    406
    Rating
    8.0
    5th
    out of 71 in Static Application Security Testing (SAST)
    Views
    8,300
    Comparisons
    5,212
    Reviews
    22
    Average Words per Review
    468
    Rating
    8.8
    Comparisons
    Also Known As
    Synopsys Static Analysis
    Burp
    Learn More
    Synopsys
    PortSwigger
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.

    PortSwigger is the web security company that is enabling the world to secure the web. Over 50,000 security engineers rely on our software and expertise to secure their world.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Google, Amazon, NASA, FedEx, P&G, Salesforce
    Top Industries
    REVIEWERS
    Manufacturing Company36%
    Comms Service Provider20%
    Computer Software Company20%
    Retailer8%
    VISITORS READING REVIEWS
    Manufacturing Company29%
    Computer Software Company16%
    Financial Services Firm7%
    Government4%
    REVIEWERS
    Financial Services Firm22%
    Manufacturing Company22%
    Computer Software Company19%
    Comms Service Provider13%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government9%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business22%
    Midsize Enterprise21%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise64%
    Buyer's Guide
    Coverity vs. PortSwigger Burp Suite Professional
    May 2024
    Free Report: Coverity vs. PortSwigger Burp Suite Professional
    Find out what your peers are saying about Coverity vs. PortSwigger Burp Suite Professional and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews. Coverity is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Coverity vs. PortSwigger Burp Suite Professional report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.