We performed a comparison between Coverity and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"It's very stable."
"This solution is easy to use."
"The solution has improved our code quality and security very well."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"The security analysis features are the most valuable features of this solution."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"It is a good product for website penetration testing to detect vulnerabilities."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"It is a very stable solution."
"This product is designed for easy scalability and can easily scale up without major challenges."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"The product should include more customization options. The analytics is not as deep as compared to SonarQube."
"Its price can be improved. Price is always an issue with Synopsys."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"SCM integration is very poor in Coverity."
"The virus code updates are not frequent enough."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"The pricing does not seem to be competitive."
"The scanner reports a lot of false positives, which is something that needs to be improved."
"The product's pricing could be better."
"They should try to include business logic vulnerabilities in the scanner testing."
More Qualys Web Application Scanning Pricing and Cost Advice →
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Qualys Web Application Scanning is ranked 14th in Application Security Testing (AST) with 31 reviews. Coverity is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect. See our Coverity vs. Qualys Web Application Scanning report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.