We performed a comparison between Coverity and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The interface of Coverity is quite good, and it is also easy to use."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"The solution effectively identifies bugs in code."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"Coverity gives advisory and deviation features, which are some of the parts I liked."
"The most valuable feature is the integration with Jenkins."
"The product has deeper scanning capabilities."
"Coverity is scalable."
"The solution has a pretty simple setup."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"You can download different plugins if you don't have them in the standard edition."
"It was easy to learn."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"PortSwigger Burp Suite Professional has an intercept tab that helps us to scan our APIs, set the response, and request errors."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"The most valuable feature is Burp Collaborator."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"Its price can be improved. Price is always an issue with Synopsys."
"The setup takes very long."
"The tool needs to improve its reporting."
"We'd like it to be faster."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"The quality of the code needs improvement."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"The solution’s pricing could be improved."
"The technical support team's response time is mostly delayed and should be improved."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"There should be a heads up display like the one available in OWASP Zap."
"PortSwigger Burp Suite Professional could improve the static code review."
"There needs to be better documentation provided. Currently, we need to buy books, or we need to review online some use cases from other professionals who have been using the solution to find out their experience. It is not easy to find out how to properly do a security assessment."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews. Coverity is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Coverity vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.