We performed a comparison between Coverity and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We were very comfortable with the initial setup."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code."
"It provides reports about a lot of potential defects."
"The interface of Coverity is quite good, and it is also easy to use."
"It is a scalable solution."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"The product is easy to use."
"This tool is more accurate than the other solutions that we use, and reports fewer false positives."
"The solution helped us discover vulnerabilities in our applications."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"It's good testing software."
"The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool."
"It is useful for scanning and tracing activities."
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"Enables automation of different tasks such as authorization testing."
"SCM integration is very poor in Coverity."
"Its price can be improved. Price is always an issue with Synopsys."
"The reporting tool integration process is sometimes slow."
"Reporting engine needs to be more robust."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could still be easier."
"The tool needs to improve its reporting."
"Coverity takes a lot of time to dereference null pointers."
"It would be good if the solution could give us more details about what exactly is defective."
"Improvement should be done as per the requirements of customers."
"The technical support team's response time is mostly delayed and should be improved."
"If we're running a huge number of scans regularly, it slows down the tool."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
"PortSwigger Burp Suite Professional could improve the static code review."
"The solution’s pricing could be improved."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews. Coverity is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.