We performed a comparison between Checkmarx One and Coverity based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Checkmarx are the Best Fix Location and the Payments option because you can save a lot of time trying to mitigate the configuration. Using these tools can save you a lot of time."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages."
"The solution is scalable, but other solutions are better."
"The UI is very intuitive and simple to use."
"The user interface is excellent. It's very user friendly."
"The features I find most valuable is that our entire company can publish the analysis results into our central space."
"The product has deeper scanning capabilities."
"The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"The security analysis features are the most valuable features of this solution."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"We were very comfortable with the initial setup."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"The statistics module has a function that allows you to show some statistics, but I think it's limited. Maybe it needs more information."
"Updating and debugging of queries is not very convenient."
"Checkmarx could improve by reducing the price."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"Checkmarx could improve the REST APIs by including automation."
"We would like to be able to run scans from our local system, rather than having to always connect to the product server, which is a longer process."
"In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now."
"The product can be improved by continuing to expand the application languages and frameworks that can be scanned for vulnerabilities. This includes expanded coverage for mobile applications as well as open-source development tools."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The product lacks sufficient customization options."
"The solution could use more rules."
"Coverity is not stable."
"The tool needs to improve its reporting."
"There should be additional IDE support."
Checkmarx One is ranked 3rd in Static Application Security Testing (SAST) with 67 reviews while Coverity is ranked 4th in Static Application Security Testing (SAST) with 33 reviews. Checkmarx One is rated 7.6, while Coverity is rated 7.8. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Coverity writes "Best SAST tool to check software quality issues". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Mend.io, whereas Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Veracode and Polyspace Code Prover. See our Checkmarx One vs. Coverity report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.