We performed a comparison between Coverity and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Coverity gives advisory and deviation features, which are some of the parts I liked."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"Coverity is scalable."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"The most valuable feature is the integration with Jenkins."
"It provides reports about a lot of potential defects."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"It works with many different products."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"The setup takes very long."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"We'd like it to be faster."
"The solution's user interface and quality gate could be improved."
"Its price can be improved. Price is always an issue with Synopsys."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"The virus code updates are not frequent enough."
"The product's pricing could be better."
"The support could be faster."
"The software’s pricing could be improved."
"They should try to include business logic vulnerabilities in the scanner testing."
"The solution needs to adjust its pricing. They should make it more affordable."
"In certain cases, this product does have false positives, which the company should work on."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
More Qualys Web Application Scanning Pricing and Cost Advice →
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Qualys Web Application Scanning is ranked 14th in Static Application Security Testing (SAST) with 31 reviews. Coverity is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect. See our Coverity vs. Qualys Web Application Scanning report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.