We performed a comparison between Coverity and Fortify Application Defender based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's pretty stable. I rate the stability of Coverity nine out of ten."
"The solution has improved our code quality and security very well."
"This solution is easy to use."
"It's very stable."
"It provides reports about a lot of potential defects."
"Coverity is scalable."
"It has the lowest false positives."
"We were very comfortable with the initial setup."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"The most valuable feature is that it analyzes data in real-time."
"Its ability to find security defects is valuable."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"We'd like it to be faster."
"Coverity is not stable."
"The quality of the code needs improvement."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"There should be additional IDE support."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The solution is quite expensive."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Fortify Application Defender gives a lot of false positives."
"The workbench is a little bit complex when you first start using it."
"The false positive rate should be lower."
"The licensing can be a little complex."
"Support for older compilers/IDEs is lacking."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews. Coverity is rated 7.8, while Fortify Application Defender is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Seeker, whereas Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, SonarQube, Qualys Web Application Scanning and Fortify on Demand. See our Coverity vs. Fortify Application Defender report.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
