Coverity vs HCL AppScan Comparison 2024

Coverity

HCL AppScan

Coverity

Read 33 Coverity reviews

17,993 views|11,623 comparisons

HCL AppScan

Read 39 HCL AppScan reviews

5,630 views|4,307 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Coverity vs. HCL AppScan

March 2024

Executive Summary

We performed a comparison between Coverity and HCL AppScan based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Coverity vs. HCL AppScan Report (Updated: March 2024).

Download the complete report

768,578 professionals have used our research since 2012.

Featured Review

Estefania Ramirez

Application Security Auditor at Softtek

Great app analysis, support, and pricing

The product allows us to find vulnerabilities while testing our apps.

AnanyaRoy

Risk Analyst at Deloitte

A stable and scalable product useful for application security scanning

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"Coverity gives advisory and deviation features, which are some of the parts I liked.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.""It provides reports about a lot of potential defects.""It has the lowest false positives.""Coverity is easy to set up and has a less lengthy process to find vulnerabilities.""I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be.""The solution has improved our code quality and security very well.""The security analysis features are the most valuable features of this solution."

More Coverity Pros →

"The reporting part is the most valuable feature.""It's generally a very user-friendly tool. Anyone can easily learn how to scan""Compared to other tools only AppScan supports special language.""You can easily find particular features and functions through the UI.""It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code.""The product is useful, particularly in its sensitivity and scanning capabilities.""For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted.""IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."

More HCL AppScan Pros →

Cons

"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""There should be additional IDE support.""Its price can be improved. Price is always an issue with Synopsys.""Coverity is not stable.""The quality of the code needs improvement.""We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues.""The solution is a bit complex to use in comparison to other products that have many plugins.""Reporting engine needs to be more robust."

More Coverity Cons →

"The databases for HCL are small and have room for improvement.""The solution often has a high number of false positives. It's an aspect they really need to improve upon.""The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved.""There is room for improvement in the pricing model.""Scans become slow on large websites.""The penetration testing feature should be included.""The solution's scalability can be a matter of concern because one license runs on one machine only.""The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."

More HCL AppScan Cons →

Pricing and Cost Advice

"Coverity is quite expensive."

"The licensing fees are based on the number of lines of code."

"The price is competitive with other solutions."

"It is expensive."

"Coverity is very expensive."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

"The pricing is very reasonable compared to other platforms. It is based on a three year license."

"The pricing is on the expensive side, and we are paying for a couple of items."

More Coverity Pricing and Cost Advice →

"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."

"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."

"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."

"HCL AppScan is expensive."

"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."

"The price is very expensive."

"The solution is moderately priced."

"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

More HCL AppScan Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.

See Recommendations

768,578 professionals have used our research since 2012.

Questions from the Community

How would you decide between Coverity and Sonarqube?

Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »

What do you like most about Coverity?

Top Answer:The solution has improved our code quality and security very well.

Read all 23 answers →

What is your experience regarding pricing and costs for Coverity?

Top Answer:The tool was fairly priced.

Read all 20 answers →

What do you like most about HCL AppScan?

Top Answer:The product has valuable features for static and dynamic testing.

Read all 17 answers →

What needs improvement with HCL AppScan?

Top Answer:HCL AppScan generates false results. Sometimes, it incorrectly identifies requests as vulnerable when they are not vulnerable. In the ADSL feature managed, the primary objective is to identify… more »

Read all 20 answers →

What is your primary use case for HCL AppScan?

Top Answer:HCL AppScan efficiently scans through the website and identifies vulnerabilities for AWS. It is reducing tools day by day, making it more efficient.

Read all 18 answers →

Ranking

4th

out of 67 in Application Security Testing (AST)

Views

17,993

Comparisons

11,623

Reviews

Average Words per Review

382

Rating

8.0

12th

out of 67 in Application Security Testing (AST)

Views

5,630

Comparisons

4,307

Reviews

Average Words per Review

339

Rating

7.2

Comparisons

SonarQube vs. Coverity

Compared 51% of the time.

Klocwork vs. Coverity

Compared 9% of the time.

Fortify on Demand vs. Coverity

Compared 6% of the time.

Checkmarx One vs. Coverity

Compared 6% of the time.

Veracode vs. Coverity

Compared 5% of the time.

More Coverity Competitors →

SonarQube vs. HCL AppScan

Compared 15% of the time.

Veracode vs. HCL AppScan

Compared 13% of the time.

Acunetix vs. HCL AppScan

Compared 10% of the time.

Checkmarx One vs. HCL AppScan

Compared 8% of the time.

PortSwigger Burp Suite Professional vs. HCL AppScan

Compared 8% of the time.

More HCL AppScan Competitors →

Also Known As

Synopsys Static Analysis

IBM Security AppScan, Rational AppScan, AppScan

Learn More

Synopsys

HCLTech

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

Sample Customers

MStar Semiconductor, Alcatel-Lucent

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT

Top Industries

REVIEWERS

Manufacturing Company39%

Computer Software Company22%

Comms Service Provider13%

Retailer9%

VISITORS READING REVIEWS

Manufacturing Company28%

Computer Software Company15%

Financial Services Firm8%

Government4%

REVIEWERS

Government15%

Transportation Company15%

Comms Service Provider10%

Financial Services Firm10%

VISITORS READING REVIEWS

Computer Software Company19%

Financial Services Firm14%

Government10%

Manufacturing Company9%

Company Size

REVIEWERS

Small Business17%

Midsize Enterprise14%

Large Enterprise69%

VISITORS READING REVIEWS

Small Business14%

Midsize Enterprise10%

Large Enterprise76%

REVIEWERS

Small Business24%

Midsize Enterprise11%

Large Enterprise64%

VISITORS READING REVIEWS

Small Business16%

Midsize Enterprise13%

Large Enterprise71%

Coverity vs HCL AppScan comparison

Coverity

HCL AppScan