Coverity Competitors and Alternatives

Read reviews of Coverity competitors and alternatives
CA Technologies
Real User
CISO at Laboratory Corporation of America Holdings
May 17 2018

What is most valuable?

Veracode helps me in several implementations over a couple of industry sectors in a number of ways. My coding, especially the code we develop, has a number of faults per line and that costs me money and time to fix those, into the lifecycle.... more»

How has it helped my organization?

Interestingly enough, Veracode has evolved over time. Their chief designer has been a leader in security for many years and his insights into applications, and what we now consider DevOps, has been very helpful for the industry. The insights... more»

What needs improvement?

As we move to more of a mobile space, much of the code was developed on desktops, mobile laptops, and things. Mobile apps run differently and they have a different runtime. Chris Wysopal and I have talked several times over the past few years... more»
SonarQube
Real User
Technical Architect and Software Engineer at a tech services company
Sep 12 2017

What is most valuable?

SonarQube is not valuable because of the information it gives it. We can gather that same information from several other tools as well. It is the way the information is presented that makes it so powerful. It provides a holistic picture of all quality issues in a software project. With SonarQube's web interface, it is easy to drill down to see the individual... more»

How has it helped my organization?

Individual developers are more concerned about the quality of their work when they see their results in the big picture.
Rogue Wave
Real User
Senior Embedded Software Engineer at a engineering company with 10,001+ employees
Sep 05 2016

What is most valuable?

* Good set of checkers for static code analysis, cyber security * Possibility of creating custom checkers- Good and easy integration into continuous integration (CI) * The whole package offers a lot of possibilities: add-ons for Eclipse,... more»

How has it helped my organization?

More and more departments are targeting static code analysis now, as they see the benefits. Klocwork with its capabilities is helping with this, providing the integration. The advantage is that while coding, developers see code violations.

What needs improvement?

* Global variables sometimes generate false positives. Variables with global scopes sometimes produce False Positives. It means, I get violations from KW which after personal analysis turn out to be not true. At the moment it seems Klocwork... more»

Sign Up with Email