We performed a comparison between Coverity and Synopsys Code Dx based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."
"The reporting feature is up to the mark."
"It provides reports about a lot of potential defects."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"Its price can be improved. Price is always an issue with Synopsys."
"Coverity takes a lot of time to dereference null pointers."
"The quality of the code needs improvement."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"It should be easier to specify your own validation routines and sanitation routines."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"The solution's user interface and quality gate could be improved."
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Synopsys Code Dx is ranked 32nd in Static Application Security Testing (SAST) with 1 review. Coverity is rated 7.8, while Synopsys Code Dx is rated 0.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Synopsys Code Dx is most compared with Veracode, Checkmarx One and SonarQube.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
