We performed a comparison between Coverity and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Provides software security, and helps to find potential security bugs or defects."
"The interface of Coverity is quite good, and it is also easy to use."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"This solution is easy to use."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"It has the lowest false positives."
"The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"The solution has a continuous integration process."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"We use Kiuwan to locate the source of application vulnerabilities."
"I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"Coverity takes a lot of time to dereference null pointers."
"Reporting engine needs to be more robust."
"Coverity is not stable."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"Its price can be improved. Price is always an issue with Synopsys."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"I would like to see additional languages supported."
"The QA developer and security could be improved."
"DIfferent languages, such Spanish, Portuguese, and so on."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The product's UI has certain shortcomings, where improvements are required."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews. Coverity is rated 7.8, while Kiuwan is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Fortify on Demand. See our Coverity vs. Kiuwan report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
