We performed a comparison between Coverity and Invicti based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This solution is easy to use."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."
"The product has deeper scanning capabilities."
"We were very comfortable with the initial setup."
"The reporting feature is up to the mark."
"I am impressed by the whole technology that they are using in this solution. It is really fast. When using netscan, the confirmation that it gives on the vulnerabilities is pretty cool. It is really easy to configure a scan in Netsparker Web Application Security Scanner. It is also really easy to deploy."
"The scanner is light on the network and does not impact the network when scans are running."
"Its ability to crawl a web application is quite different than another similar scanner."
"I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities."
"It has a comprehensive resulting mechanism. It is a one-stop solution for all your security testing mechanisms."
"Invicti is a good product, and its API testing is also good."
"Crawling feature: Netsparker has very detail crawling steps and mechanisms. This feature expands the attack surface."
"Scan, proxify the application, and then detailed report along with evidence and remediations to problems."
"The product should include more customization options. The analytics is not as deep as compared to SonarQube."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"SCM integration is very poor in Coverity."
"Coverity is not stable."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"The scanning time, complexity, and authentication features of Invicti could be improved."
"Netsparker doesn't provide the source code of the static application security testing."
"The license could be better. It would help if they could allow us to scan multiple URLs on the same license. It's a major hindrance that we are facing while scanning applications, and we have to be sure that the URLs are the same and not different so that we do not end up consuming another license for it. Netsparker is one of the costliest products in the market. The licensing is tied to the URL, and it's restricted. If you have a URL that you scanned once, like a website, you cannot retry that same license. If you are scanning the same website but in a different domain or different URL, you might end up paying for a second license. It would also be better if they provided proper support for multi-factor authentications. In the next release, I would like them to include good multi-factor authentication support."
"The solution needs to make a more specific report."
"The scanner itself should be improved because it is a little bit slow."
"The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker."
"The support's response time could be faster since we are in different time zones."
"The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Invicti is ranked 15th in Static Application Security Testing (SAST) with 25 reviews. Coverity is rated 7.8, while Invicti is rated 8.2. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Fortify WebInspect. See our Coverity vs. Invicti report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
