Coverity vs Polyspace Code Prover Comparison 2024

Coverity

Polyspace Code Prover

Coverity

Read 33 Coverity reviews

17,611 views|11,453 comparisons

Polyspace Code Prover

Read 5 Polyspace Code Prover reviews

1,751 views|1,137 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Application Security Testing (AST)

April 2024

Executive Summary

We performed a comparison between Coverity and Polyspace Code Prover based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST).

To learn more, read our detailed Application Security Testing (AST) Report (Updated: April 2024).

Download the complete report

770,141 professionals have used our research since 2012.

Featured Review

Akshay Pawar

Software Developer at KPIT Technologies

A tool to fix bug issues and detect errors with code analysis

The ability of Coverity to fix bug issues is important to me. Coverity actually helps to debug and deal really fast when it comes to code analysis.... Read more →

Anonymous User

Sw expert at a manufacturing company

Enhanced our code verification process but it crashes on large applications

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The interface of Coverity is quite good, and it is also easy to use.""The solution effectively identifies bugs in code.""We were very comfortable with the initial setup.""One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""The app analysis is the most valuable feature as I know other solutions don't have that.""The most valuable feature is the integration with Jenkins.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.""The features I find most valuable is that our entire company can publish the analysis results into our central space."

More Coverity Pros →

"The outputs are very reliable.""Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect.""Polyspace Code Prover is a very user-friendly tool.""The product detects memory corruptions.""When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."

More Polyspace Code Prover Pros →

Cons

"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier.""I would like to see integration with popular IDEs, such as Eclipse.""The solution could use more rules.""Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker.""We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system.""Coverity takes a lot of time to dereference null pointers.""Sometimes it's a bit hard to figure out how to use the product’s UI."

More Coverity Cons →

"I'd like the data to be taken from any format.""The tool has some stability issues.""Automation could be a challenge.""One of the main disadvantages is the time it takes to initiate the first run.""Using Code Prover on large applications crashes sometimes."

More Polyspace Code Prover Cons →

Pricing and Cost Advice

"Coverity is quite expensive."

"The licensing fees are based on the number of lines of code."

"The price is competitive with other solutions."

"It is expensive."

"Coverity is very expensive."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

"The pricing is very reasonable compared to other platforms. It is based on a three year license."

"The pricing is on the expensive side, and we are paying for a couple of items."

More Coverity Pricing and Cost Advice →

"We use the paid version."

More Polyspace Code Prover Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.

See Recommendations

770,141 professionals have used our research since 2012.

Questions from the Community

How would you decide between Coverity and Sonarqube?

Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »

What do you like most about Coverity?

Top Answer:The solution has improved our code quality and security very well.

Read all 23 answers →

What is your experience regarding pricing and costs for Coverity?

Top Answer:We use the paid version.

Read all 4 answers →

What needs improvement with Polyspace Code Prover?

Top Answer:There are two main areas of improvement. * False negatives and false positives. * The speed of the validation itself. Another area I see for improvement is scalability, particularly when dealing with… more »

Read all 5 answers →

Ranking

4th

out of 67 in Application Security Testing (AST)

Views

17,611

Comparisons

11,453

Reviews

Average Words per Review

382

Rating

8.0

23rd

out of 74 in Application Security Tools

Views

1,751

Comparisons

1,137

Reviews

Average Words per Review

656

Rating

7.6

Comparisons

SonarQube vs. Coverity

Compared 51% of the time.

Klocwork vs. Coverity

Compared 9% of the time.

Fortify on Demand vs. Coverity

Compared 7% of the time.

Checkmarx One vs. Coverity

Compared 6% of the time.

Polaris Software Integrity Platform vs. Coverity

Compared 3% of the time.

More Coverity Competitors →

SonarQube vs. Polyspace Code Prover

Compared 32% of the time.

Klocwork vs. Polyspace Code Prover

Compared 17% of the time.

CodeSonar vs. Polyspace Code Prover

Compared 7% of the time.

Parasoft SOAtest vs. Polyspace Code Prover

Compared 6% of the time.

GitLab vs. Polyspace Code Prover

Compared 3% of the time.

More Polyspace Code Prover Competitors →

Also Known As

Synopsys Static Analysis

Learn More

Synopsys

MathWorks

Video Not Available

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

Polyspace Code Prover is a sound static analysis tool that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code. It produces results without requiring program execution, code instrumentation, or test cases. Polyspace Code Prover uses semantic analysis and abstract interpretation based on formal methods to verify software interprocedural, control, and data flow behavior. You can use it on handwritten code, generated code, or a combination of the two. Each operation is color-coded to indicate whether it is free of run-time errors, proven to fail, unreachable, or unproven.

Sample Customers

MStar Semiconductor, Alcatel-Lucent

Alenia Aermacchi, CSEE Transport, Delphi Diesel Systems, EADS, Institute for Radiological Protection and Nuclear Safety, Korean Air, KOSTAL, Miracor, NASA Ames Research Center

Top Industries

REVIEWERS

Manufacturing Company36%

Comms Service Provider20%

Computer Software Company20%

Retailer8%

VISITORS READING REVIEWS

Manufacturing Company28%

Computer Software Company16%

Financial Services Firm8%

Government4%

VISITORS READING REVIEWS

Manufacturing Company33%

Computer Software Company15%

Transportation Company7%

Retailer5%

Company Size

REVIEWERS

Small Business16%

Midsize Enterprise14%

Large Enterprise70%

VISITORS READING REVIEWS

Small Business14%

Midsize Enterprise10%

Large Enterprise76%

VISITORS READING REVIEWS

Small Business15%

Midsize Enterprise9%

Large Enterprise76%

Coverity vs Polyspace Code Prover comparison