• Home
  • Coverity vs. HCL AppScan

Coverity vs HCL AppScan comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Coverity
Read 34 Coverity reviews
17,229 views|11,225 comparisons
89% willing to recommend
HCLTech Logo
HCL AppScan
Read 41 HCL AppScan reviews
5,387 views|4,135 comparisons
82% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Coverity vs. HCL AppScan
May 2024
Executive Summary

We performed a comparison between Coverity and HCL AppScan based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. HCL AppScan Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Archana Verma
Provides software security and helps find potential security bugs or defects
Coverity has improved our functionality and efficiency.
AnanyaRoy
A stable and scalable product useful for application security scanning
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time.""It's pretty stable. I rate the stability of Coverity nine out of ten.""The security analysis features are the most valuable features of this solution.""It is a scalable solution.""The product is easy to use.""The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution.""The interface of Coverity is quite good, and it is also easy to use."

More Coverity Pros →

"We are now deploying less defects to production.""I like the recording feature.""We use it as a security testing application.""The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL.""Technical support is helpful.""For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted.""The most valuable feature of the solution is the scanning or security part.""The most valuable feature of the solution is Postman."

More HCL AppScan Pros →

Cons
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""The level of vulnerability that this solution covers could be improved compared to other open source tools.""Reporting engine needs to be more robust.""The product lacks sufficient customization options.""The solution is a bit complex to use in comparison to other products that have many plugins.""The tool needs to improve its reporting.""The setup takes very long.""The product should include more customization options. The analytics is not as deep as compared to SonarQube."

More Coverity Cons →

"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources.""In future releases, I would like to see more aggressive reports. I would also like to see less false positives.""Many silly false positives are produced.""The solution's scalability can be a matter of concern because one license runs on one machine only.""We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices.""A desktop version should be added.""There are so many lines of code with so many different categories that I am likely to get lost. ​""They have to improve support."

More HCL AppScan Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

  • "AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
  • "With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
  • "Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
  • "HCL AppScan is expensive."
  • "I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
  • "The price is very expensive."
  • "The solution is moderately priced."
  • "The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

    • More HCL AppScan Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    What do you like most about HCL AppScan?
    Top Answer:The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
    Read all 18 answers   →
    What needs improvement with HCL AppScan?
    Top Answer:Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its… more »
    Read all 21 answers   →
    What is your primary use case for HCL AppScan?
    Top Answer:I mainly use AppScan to secure various types of applications. I use its DAFDAT solution for black box scanning, as well as SaaS and source code validation. AppScan helps in scanning code for… more »
    Read all 19 answers   →
    Ranking
    4th
    out of 71 in Static Application Security Testing (SAST)
    Views
    17,229
    Comparisons
    11,225
    Reviews
    22
    Average Words per Review
    406
    Rating
    8.0
    11th
    out of 71 in Static Application Security Testing (SAST)
    Views
    5,387
    Comparisons
    4,135
    Reviews
    17
    Average Words per Review
    346
    Rating
    7.5
    Comparisons
    SonarQube logo
    SonarQube vs. Coverity
    Compared 51% of the time.
    Klocwork logo
    Klocwork vs. Coverity
    Compared 9% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Coverity
    Compared 7% of the time.
    Checkmarx One logo
    Checkmarx One vs. Coverity
    Compared 6% of the time.
    Veracode logo
    Veracode vs. Coverity
    Compared 5% of the time.
    More Coverity Competitors   →
    SonarQube logo
    SonarQube vs. HCL AppScan
    Compared 16% of the time.
    Veracode logo
    Veracode vs. HCL AppScan
    Compared 12% of the time.
    Acunetix logo
    Acunetix vs. HCL AppScan
    Compared 11% of the time.
    OWASP Zap logo
    OWASP Zap vs. HCL AppScan
    Compared 8% of the time.
    More HCL AppScan Competitors   →
    Also Known As
    Synopsys Static Analysis
    IBM Security AppScan, Rational AppScan, AppScan
    Learn More
    Synopsys
    HCLTech
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
    Top Industries
    REVIEWERS
    Manufacturing Company36%
    Comms Service Provider20%
    Computer Software Company20%
    Retailer8%
    VISITORS READING REVIEWS
    Manufacturing Company29%
    Computer Software Company16%
    Financial Services Firm7%
    Government4%
    REVIEWERS
    Government15%
    Transportation Company15%
    Comms Service Provider10%
    Financial Services Firm10%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm14%
    Government10%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business24%
    Midsize Enterprise13%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise12%
    Large Enterprise72%
    Buyer's Guide
    Coverity vs. HCL AppScan
    May 2024
    Free Report: Coverity vs. HCL AppScan
    Find out what your peers are saying about Coverity vs. HCL AppScan and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while HCL AppScan is ranked 11th in Static Application Security Testing (SAST) with 41 reviews. Coverity is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap. See our Coverity vs. HCL AppScan report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.