• Home
  • Coverity vs. Invicti

Coverity vs Invicti comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Coverity
Read 34 Coverity reviews
17,229 views|11,225 comparisons
89% willing to recommend
Invicti Logo
Invicti
Read 25 Invicti reviews
3,804 views|1,944 comparisons
96% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Coverity vs. Invicti
May 2024
Executive Summary

We performed a comparison between Coverity and Invicti based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. Invicti Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Infinity Chen
A good and stable solution that has significant software security feature for detecting potential risks
This product improves functionality and efficiency. We cannot find any issues in the early stages.
Amr Abdelnaser
A safe solution used to detective vulnerabilities for dynamic and complex testing
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.""Provides software security, and helps to find potential security bugs or defects.""The product is easy to use.""I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be.""The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time.""Coverity is scalable.""It's very stable."

More Coverity Pros →

"One of the features I like about this program is the low number of false positives and the support it offers.""When we try to manually exploit the vulnerabilities, it often takes time to realize what's going on and what needs to be done.""The dashboard is really cool, and the features are really good. It tells you about the software version you're using in your web application. It gives you the entire technology stack, and that really helps. Both web and desktop apps are good in terms of application scanning. It has a lot of security checks that are easily customizable as per your requirements. It also has good customer support.""It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms.""I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities.""The scanner and the result generator are valuable features for us.""The solution generates reports automatically and quickly.""Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."

More Invicti Pros →

Cons
"It should be easier to specify your own validation routines and sanitation routines.""I would like to see integration with popular IDEs, such as Eclipse.""Coverity takes a lot of time to dereference null pointers.""The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""Ideally, it would have a user-based license that does not have a restriction in the number of lines of code.""We'd like it to be faster.""The reporting tool integration process is sometimes slow.""The tool needs to improve its reporting."

More Coverity Cons →

"Asset scanning could be better. Once, it couldn't scan assets, and the issue was strange. The price doesn't fit the budget of small and medium-sized businesses.""It would be better for listing and attacking Java-based web applications to exploit vulnerabilities.""The scannings are not sufficiently updated.""The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker.""The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them.""Invicti takes too long with big applications, and there are issues with the login portal.""The scanning time, complexity, and authentication features of Invicti could be improved.""Netsparker doesn't provide the source code of the static application security testing."

More Invicti Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

  • "It is competitive in the security market."
  • "OWASP Zap is free and it has live updates, so that's a big plus."
  • "We never had any issues with the licensing; the price was within our assigned limits."
  • "I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
  • "The price should be 20% lower"
  • "Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
  • "We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
  • "Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."

    • More Invicti Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Netsparker Web Ap...
    Top Answer:The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate… more »
    Read all 5 answers   →
    What do you like most about Invicti?
    Top Answer:The most valuable feature of Invicti is getting baseline scanning and incremental scan.
    Read all 7 answers   →
    What needs improvement with Invicti?
    Top Answer:The solution's false positive analysis and vulnerability analysis libraries could be improved.
    Read all 7 answers   →
    Ranking
    4th
    out of 71 in Static Application Security Testing (SAST)
    Views
    17,229
    Comparisons
    11,225
    Reviews
    22
    Average Words per Review
    406
    Rating
    8.0
    15th
    out of 71 in Static Application Security Testing (SAST)
    Views
    3,804
    Comparisons
    1,944
    Reviews
    5
    Average Words per Review
    340
    Rating
    8.6
    Comparisons
    SonarQube logo
    SonarQube vs. Coverity
    Compared 51% of the time.
    Klocwork logo
    Klocwork vs. Coverity
    Compared 9% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Coverity
    Compared 7% of the time.
    Checkmarx One logo
    Checkmarx One vs. Coverity
    Compared 6% of the time.
    Veracode logo
    Veracode vs. Coverity
    Compared 5% of the time.
    More Coverity Competitors   →
    OWASP Zap logo
    OWASP Zap vs. Invicti
    Compared 19% of the time.
    Acunetix logo
    Acunetix vs. Invicti
    Compared 14% of the time.
    Fortify WebInspect logo
    Fortify WebInspect vs. Invicti
    Compared 6% of the time.
    More Invicti Competitors   →
    Also Known As
    Synopsys Static Analysis
    Mavituna Netsparker
    Learn More
    Synopsys
    Invicti
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Samsung, The Walt Disney Company, T-Systems, ING Bank
    Top Industries
    REVIEWERS
    Manufacturing Company36%
    Comms Service Provider20%
    Computer Software Company20%
    Retailer8%
    VISITORS READING REVIEWS
    Manufacturing Company29%
    Computer Software Company16%
    Financial Services Firm7%
    Government4%
    REVIEWERS
    Computer Software Company36%
    Financial Services Firm18%
    Aerospace/Defense Firm9%
    Real Estate/Law Firm9%
    VISITORS READING REVIEWS
    Educational Organization51%
    Financial Services Firm8%
    Computer Software Company6%
    Manufacturing Company5%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business50%
    Midsize Enterprise12%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise58%
    Large Enterprise34%
    Buyer's Guide
    Coverity vs. Invicti
    May 2024
    Free Report: Coverity vs. Invicti
    Find out what your peers are saying about Coverity vs. Invicti and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Invicti is ranked 15th in Static Application Security Testing (SAST) with 25 reviews. Coverity is rated 7.8, while Invicti is rated 8.2. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Fortify WebInspect. See our Coverity vs. Invicti report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.