We performed a comparison between Coverity and GitHub Code Scanning based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."We were very comfortable with the initial setup."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code."
"The interface of Coverity is quite good, and it is also easy to use."
"The security analysis features are the most valuable features of this solution."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"The solution effectively identifies bugs in code."
"We use GitHub Code Scanning mostly for source code management."
"It should be easier to specify your own validation routines and sanitation routines."
"We'd like it to be faster."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"The setup takes very long."
"There should be additional IDE support."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"Its price can be improved. Price is always an issue with Synopsys."
"GitHub Code Scanning should add more templates."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while GitHub Code Scanning is ranked 20th in Application Security Testing (AST) with 1 review. Coverity is rated 7.8, while GitHub Code Scanning is rated 10.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of GitHub Code Scanning writes "A highly stable solution that can be used for source code management". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas GitHub Code Scanning is most compared with SonarCloud, SonarQube and Polaris Software Integrity Platform.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.