• Home
  • Coverity vs. Synopsys API Security Testing

Coverity vs Synopsys API Security Testing comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Coverity
Read 34 Coverity reviews
17,611 views|11,474 comparisons
89% willing to recommend
Synopsys Logo
Synopsys API Security Testing
Read 1 Synopsys API Security Testing review
490 views|339 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Static Application Security Testing (SAST)
April 2024
Executive Summary

We performed a comparison between Coverity and Synopsys API Security Testing based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).
To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: April 2024).
Download the complete report
772,567 professionals have used our research since 2012.
Featured Review
Arun Dahiphale
Improves code quality and security and provides an informative dashboard and professional-looking reports
The solution has improved our code quality and security very well. It has multiple reports. I wanted good reports as evidence that we are doing... Read more →
UmarQureshi
Useful threat vectors, beneficial results, but implementation needed support
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's very stable.""It has the lowest false positives.""The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code.""It's pretty stable. I rate the stability of Coverity nine out of ten.""The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution.""One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""The solution effectively identifies bugs in code.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."

More Coverity Pros →

"The most valuable features of Synopsys API Security Testing are the metrics, results, and threat vectors that it shares."

More Synopsys API Security Testing Pros →

Cons
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""Coverity takes a lot of time to dereference null pointers.""Ideally, it would have a user-based license that does not have a restriction in the number of lines of code.""The reporting tool integration process is sometimes slow.""Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code.""The product lacks sufficient customization options.""The quality of the code needs improvement.""Sometimes, vulnerabilities remain unidentified even after setting up the rules."

More Coverity Cons →

"The solution required us to use our team and we spoke to Synopsys API Security Testing's support to do the implementation. We use two people from our team for the implementation. and one person for maintenance."

More Synopsys API Security Testing Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

    Information Not Available
    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,567 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    Ask a question

    Earn 20 points

    Ranking
    4th
    out of 71 in Static Application Security Testing (SAST)
    Views
    17,611
    Comparisons
    11,474
    Reviews
    22
    Average Words per Review
    382
    Rating
    8.0
    30th
    out of 71 in Static Application Security Testing (SAST)
    Views
    490
    Comparisons
    339
    Reviews
    1
    Average Words per Review
    0
    Rating
    7.0
    Comparisons
    Also Known As
    Synopsys Static Analysis
    Learn More
    Synopsys
    Synopsys
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    AppSec testing optimized for the needs of API developers
    APIs provide open, flexible interfaces that enable applications and services to talk to each other. But these characteristics can also make it difficult to build secure software—and even more difficult for traditional AppSec tools to test it.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Information Not Available
    Top Industries
    REVIEWERS
    Manufacturing Company36%
    Comms Service Provider20%
    Computer Software Company20%
    Retailer8%
    VISITORS READING REVIEWS
    Manufacturing Company29%
    Computer Software Company16%
    Financial Services Firm7%
    Government4%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Financial Services Firm15%
    Manufacturing Company11%
    Insurance Company10%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise10%
    Large Enterprise76%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise17%
    Large Enterprise60%
    Buyer's Guide
    Static Application Security Testing (SAST)
    April 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: April 2024.
    DOWNLOAD NOW
    772,567 professionals have used our research since 2012.

    Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Synopsys API Security Testing is ranked 30th in Static Application Security Testing (SAST). Coverity is rated 7.8, while Synopsys API Security Testing is rated 7.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Synopsys API Security Testing writes "Useful threat vectors, beneficial results, but implementation needed support". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Synopsys API Security Testing is most compared with Seeker, Fortify WebInspect, OWASP Zap and Acunetix.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.