We performed a comparison between Coverity and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Coverity gives advisory and deviation features, which are some of the parts I liked."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"The solution effectively identifies bugs in code."
"The product has deeper scanning capabilities."
"It provides reports about a lot of potential defects."
"The features I find most valuable is that our entire company can publish the analysis results into our central space."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"Enables automation of different tasks such as authorization testing."
"It was easy to learn."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"You can download different plugins if you don't have them in the standard edition."
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"Coverity takes a lot of time to dereference null pointers."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now. Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"The solution could use more rules."
"The product should include more customization options. The analytics is not as deep as compared to SonarQube."
"The quality of the code needs improvement."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The price could be better. The rest is fine."
"As with most automated security tools, too many false positives."
"Sometimes the solution can run a little slow."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"There needs to be better documentation provided. Currently, we need to buy books, or we need to review online some use cases from other professionals who have been using the solution to find out their experience. It is not easy to find out how to properly do a security assessment."
"We'd like to have more integration potential across all versions of the product."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"The use of system memory is an area that can be improved because it uses a lot."
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews. Coverity is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Coverity vs. PortSwigger Burp Suite Professional report.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.