We performed a comparison between Coverity and Tenable.io Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."
"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."
"The most valuable feature is the integration with Jenkins."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"Coverity gives advisory and deviation features, which are some of the parts I liked."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"The solution has improved our code quality and security very well."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"The solution is stable."
"The solution's instant reports feature is the most effective for detecting threats."
"The initial setup is straightforward."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"Tenable.io Web Application Scanning is very easy to use."
"It is fully automated."
"The most effective feature of the product is the ability to scan the entire environment."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The setup takes very long."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"The tool needs to improve its reporting."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"It isn't easy to manage vulnerabilities in Tenable."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"It would be great if there were a dashboard that is more user-friendly."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"The reporting has a very limited customization capability."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"The platform's technical support services could be better."
More Tenable.io Web Application Scanning Pricing and Cost Advice →
Coverity is ranked 4th in Application Security Testing (AST) with 33 reviews while Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews. Coverity is rated 7.8, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Tenable.io Web Application Scanning is most compared with Acunetix, SonarQube, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Fortify on Demand. See our Coverity vs. Tenable.io Web Application Scanning report.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
