• Home
  • Coverity vs. HCL AppScan

Coverity vs HCL AppScan comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo

Coverity

Read 33 Coverity reviews
17,993 views|11,623 comparisons
88% willing to recommend
HCLTech Logo

HCL AppScan

Read 39 HCL AppScan reviews
5,630 views|4,307 comparisons
81% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Coverity vs. HCL AppScan
March 2024
Executive Summary

We performed a comparison between Coverity and HCL AppScan based on real PeerSpot user reviews.

Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. HCL AppScan Report (Updated: March 2024).
Download the complete report
768,246 professionals have used our research since 2012.
Featured Review
Akshay Pawar
A tool to fix bug issues and detect errors with code analysis
The ability of Coverity to fix bug issues is important to me. Coverity actually helps to debug and deal really fast when it comes to code analysis.... Read more →
AnanyaRoy
A stable and scalable product useful for application security scanning
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.""It is a scalable solution.""It's pretty stable. I rate the stability of Coverity nine out of ten.""The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans.""We were very comfortable with the initial setup.""The most valuable feature is the integration with Jenkins.""One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."

More Coverity Pros →

"The reporting part is the most valuable feature.""The product has valuable features for static and dynamic testing.""This solution saves us time due to the low number of false positives detected.""The UI was very intuitive.""We are now deploying less defects to production.""It's generally a very user-friendly tool. Anyone can easily learn how to scan""The solution is easy to use.""It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."

More HCL AppScan Pros →

Cons
"Its price can be improved. Price is always an issue with Synopsys.""SCM integration is very poor in Coverity.""Some features are not performing well, like duplicate detection and switch case situations.""There should be additional IDE support.""The level of vulnerability that this solution covers could be improved compared to other open source tools.""The product should include more customization options. The analytics is not as deep as compared to SonarQube.""When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material.""Sometimes, vulnerabilities remain unidentified even after setting up the rules."

More Coverity Cons →

"They have to improve support.""We would like to integrate with some of the other reporting tools that we're planning to use in the future.""The product has some technical limitations.""It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good.""The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper.""They should have a better UI for dashboards.""Many silly false positives are produced.""The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."

More HCL AppScan Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

  • "AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
  • "With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
  • "Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
  • "HCL AppScan is expensive."
  • "I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
  • "The price is very expensive."
  • "The solution is moderately priced."
  • "The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

    • More HCL AppScan Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    See Recommendations
    768,246 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    What do you like most about HCL AppScan?
    Top Answer:The product has valuable features for static and dynamic testing.
    Read all 17 answers   →
    What needs improvement with HCL AppScan?
    Top Answer:HCL AppScan generates false results. Sometimes, it incorrectly identifies requests as vulnerable when they are not vulnerable. In the ADSL feature managed, the primary objective is to identify… more »
    Read all 20 answers   →
    What is your primary use case for HCL AppScan?
    Top Answer:HCL AppScan efficiently scans through the website and identifies vulnerabilities for AWS. It is reducing tools day by day, making it more efficient.
    Read all 18 answers   →
    Ranking
    4th
    out of 67 in Application Security Testing (AST)
    Views
    17,993
    Comparisons
    11,623
    Reviews
    22
    Average Words per Review
    382
    Rating
    8.0
    12th
    out of 67 in Application Security Testing (AST)
    Views
    5,630
    Comparisons
    4,307
    Reviews
    17
    Average Words per Review
    339
    Rating
    7.2
    Comparisons
    SonarQube logo
    SonarQube vs. Coverity
    Compared 51% of the time.
    Klocwork logo
    Klocwork vs. Coverity
    Compared 9% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Coverity
    Compared 6% of the time.
    Checkmarx One logo
    Checkmarx One vs. Coverity
    Compared 6% of the time.
    Veracode logo
    Veracode vs. Coverity
    Compared 5% of the time.
    More Coverity Competitors   →
    SonarQube logo
    SonarQube vs. HCL AppScan
    Compared 15% of the time.
    Veracode logo
    Veracode vs. HCL AppScan
    Compared 13% of the time.
    Acunetix logo
    Acunetix vs. HCL AppScan
    Compared 10% of the time.
    Checkmarx One logo
    Checkmarx One vs. HCL AppScan
    Compared 8% of the time.
    More HCL AppScan Competitors   →
    Also Known As
    Synopsys Static Analysis
    IBM Security AppScan, Rational AppScan, AppScan
    Learn More
    Synopsys
    HCLTech
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
    Top Industries
    REVIEWERS
    Manufacturing Company39%
    Computer Software Company22%
    Comms Service Provider13%
    Retailer9%
    VISITORS READING REVIEWS
    Manufacturing Company28%
    Computer Software Company15%
    Financial Services Firm8%
    Government4%
    REVIEWERS
    Government15%
    Transportation Company15%
    Comms Service Provider10%
    Financial Services Firm10%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm14%
    Government10%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business24%
    Midsize Enterprise11%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise71%
    Buyer's Guide
    Coverity vs. HCL AppScan
    March 2024
    Free Report: Coverity vs. HCL AppScan
    Find out what your peers are saying about Coverity vs. HCL AppScan and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,246 professionals have used our research since 2012.

    Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while HCL AppScan is ranked 12th in Application Security Testing (AST) with 39 reviews. Coverity is rated 7.8, while HCL AppScan is rated 7.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and PortSwigger Burp Suite Professional. See our Coverity vs. HCL AppScan report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.