Find out what your peers are saying about SonarSource, Veracode, Checkmarx and others in Application Security. Updated: January 2021. 456,812 professionals have used our research since 2012.
Questions from the Community | ||
Top Answer: Veracode has offered a dynamic analysis testing solution for several years, having launched our first offering in 2015…
Top Answer: I would recommend them. They have the ability to cover multiple languages and come with all the features you would…
Top Answer: SonarQube depends on completely what you configure the Rules. You will have the option of the Profile creation and can…
Top Answer: Coverity is quite stable and we haven’t had any issues or any downtime.
Top Answer: Coverity is quite expensive. Generally, for security scanning products, the pricing is very expensive. Some solutions…
Top Answer: I would like to see integration with popular IDEs, such as Eclipse. If Coverity were available as a plugin then…
Also Known As | ||
Synopsys Static Analysis | ||
Learn | ||
Veracode | GrammaTech | Synopsys |
Overview | ||
Veracode covers all your Application Security needs in one solution through a combination of five analysis types: static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline, and empowers developers to find and fix security defects. |
GrammaTech enables organizations to develop software applications more efficiently, on-budget, and on-schedule by helping to eliminate harmful defects that can cause system failures, enable data breaches, and ultimately increase corporate liabilities in today’s connected world. GrammaTech is the developer of CodeSonar, the most powerful source and binary code analysis solution available today. Extraordinarily precise, CodeSonar finds, on average, 2 times more serious defects in software than other static analysis solutions. Designed for organizations with zero tolerance for defects and vulnerabilities in their applications, CodeSonar provides static analysis for applications where reliability and security are paramount - widely used by software developers in avionics, medical, automotive, industrial control, and other mission-critical applications. Some of GrammaTech's customers include Toyota, GE, Hyundai, Kawasaki, LG, Lockheed Martin, NASA, Northrop Grumman, Panasonic, and Samsung. |
Coverity® gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. |
Sample Customers | ||
State of Missouri, Rekner | Viveris, Micrel Medical Devices, Olympus, SOFTEQ, SONY | MStar Semiconductor, Alcatel-Lucent |
Top Industries | ||
Financial Services Firm 32%, Insurance Company 11%, Computer Software Company 8%, Engineering Company 5%; Computer Software Company 35%, Comms Service Provider 16%, Financial Services Firm 8%, Manufacturing Company 5% | Computer Software Company 32%, Comms Service Provider 19%, Manufacturing Company 8%, Transportation Company 6% | Media Company 14%, Government 14%, Retailer 14%, Transportation Company 14%; Computer Software Company 32%, Manufacturing Company 18%, Comms Service Provider 16%, Retailer 5% |
Company Size | ||
Small Business 22%, Midsize Enterprise 25%, Large Enterprise 53%; Small Business 20%, Midsize Enterprise 25%, Large Enterprise 55% | No Data Available | Small Business 10%, Midsize Enterprise 30%, Large Enterprise 60%; Small Business 2%, Midsize Enterprise 9%, Large Enterprise 89% |
CodeSonar is ranked 18th in Application Security with 1 review while Coverity is ranked 11th in Application Security with 8 reviews. CodeSonar is rated 9.0, while Coverity is rated 7.2. The top reviewer of CodeSonar writes "Catches critical code defects at the source code level". On the other hand, the top reviewer of Coverity writes "Straightforward to install and reports few false positives, but it should be easier to specify your own validation and sanitation routines". CodeSonar is most compared with SonarQube, Klocwork, Polyspace Code Prover, Checkmarx and Fortify Application Defender, whereas Coverity is most compared with SonarQube, Micro Focus Fortify on Demand, Checkmarx, Klocwork and Parasoft SOAtest.
We monitor all Application Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.