We performed a comparison between Coverity and GitGuardian Public Monitoring based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"The interface of Coverity is quite good, and it is also easy to use."
"Provides software security, and helps to find potential security bugs or defects."
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."
"Coverity is scalable."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"We were very comfortable with the initial setup."
"The most valuable feature is the integration with Jenkins."
"The Explore function is valuable for finding specific things I'm looking for."
"One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"Some features are not performing well, like duplicate detection and switch case situations."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"Coverity takes a lot of time to dereference null pointers."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences."
"I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems like a compelling approach to lure and identify attackers."
More GitGuardian Public Monitoring Pricing and Cost Advice →
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while GitGuardian Public Monitoring is ranked 19th in Application Security Testing (AST) with 2 reviews. Coverity is rated 7.8, while GitGuardian Public Monitoring is rated 9.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of GitGuardian Public Monitoring writes "Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in detecting and alerting us to security leaks quickly". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas GitGuardian Public Monitoring is most compared with Snyk.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
