We performed a comparison between Coverity and Synopsys Code Dx based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The solution effectively identifies bugs in code."
"The most valuable feature is the integration with Jenkins."
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"The solution has improved our code quality and security very well."
"Provides software security, and helps to find potential security bugs or defects."
"Coverity gives advisory and deviation features, which are some of the parts I liked."
"The product is easy to use."
"We were very comfortable with the initial setup."
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"SCM integration is very poor in Coverity."
"Coverity is not stable."
"Its price can be improved. Price is always an issue with Synopsys."
"The quality of the code needs improvement."
"Reporting engine needs to be more robust."
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Synopsys Code Dx is ranked 32nd in Static Application Security Testing (SAST) with 1 review. Coverity is rated 7.8, while Synopsys Code Dx is rated 0.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Synopsys Code Dx is most compared with Veracode, Checkmarx One and SonarQube.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.