Coverity Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Yantao Zhao
Real User
Software Integration Engineer at Thales Australia
Sep 04 2019

What is most valuable?

The features I find most valuable is that our entire company can publish the analysis results into our central space. That allows us to see the latest quality of all… more»

How has it helped my organization?

Depending on our product's needs, we defined the rule set to check and improve the source code.

What needs improvement?

My personal opinion is that the webpage of the last version of Coverity is not very easy to use. They've made some unnecessary changes and now I can't see all the analysis… more»

What's my experience with pricing, setup cost, and licensing?

For the setup, it's better to adapt the solution from the mature projects. Don't care so much the pricing and licensing being the end user.

If you previously used a different solution, which one did you use and why did you switch?

My personal business used other tools that offered sonar language tracking. We used a mix of programs with specific options and some standard gcc options. But last year… more»

What other advice do I have?

I will suggest that when they use the program for a new project, they should just copy the data from a mature solution to the new project because the setup really takes a… more»

Which other solutions did I evaluate?

Before choosing, we tried to use gcc compiler options, i.e. EXT_GCOV_FLAGS='-fprofile-arcs -ftest-coverage' EXT_GCOV_LDFLAGS=-fprofile-arcs… more»
SecurityEngineer0015
Real User
Security Engineer at a comms service provider with 10,001+ employees
Aug 28 2019

What is most valuable?

The security analysis features are the most valuable features of this solution.

What needs improvement?

The quality of the code needs improvement. They should develop a better code. The interface, efficiency, and the performance also need improvement as well as the languages that it offers. It should have more language options. The user… more»

What's my experience with pricing, setup cost, and licensing?

Licensing is on a yearly basis.

If you previously used a different solution, which one did you use and why did you switch?

We previously used an open-source solution before Coverity.

What other advice do I have?

I would recommend this solution depending on the language you're using, Java and C++. I would rate it a five out of ten. Not a ten because it's not efficient for the language we use.
Find out what your peers are saying about Synopsys, SonarQube, Checkmarx and others in Application Security. Updated: October 2019.
372,622 professionals have used our research since 2012.
Real User
Chief Specialist at a government with 501-1,000 employees
Mar 21 2019

What is most valuable?

It improves the quality of my work.

How has it helped my organization?

The product improves the way that we do product evaluations.

What needs improvement?

They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier.

If you previously used a different solution, which one did you use and why did you switch?

We did not have another solution before. We decided to purchase Coverity because the way we were working previously wasn't efficient. So, we were trying to improve our efficiency.

What other advice do I have?

Try it out for yourself, and decide whether it's useful for you.

Which other solutions did I evaluate?

This solution seemed to fit our purposes.
DanaFrost
Real User
User
Apr 14 2019

What is most valuable?

* I like that it gives advice and training on how to resolve the most common quality issues. * Links to more details on each issue and the background and risks.

How has it helped my organization?

Coverity provides developers with a good, best practice, coding advice, and tracks risks of poor coding quality. Coverity reports have urged developers to improve the quality of their code.

What needs improvement?

* Ability to follow source file s-links into the target location for issuing assignments through GIT. Our current build environment uses symbolic links into the git repo and Coverity does not follow the link into the actual location of the source file to determine the git author. * Single API for all interactions. I am not a fan of using both SOAP and REST APIs and Coverity offers a mix of… more»
Haroon Mansoori
Consultant
Sr. Manager/Sr. Architect at a tech services company with 10,001+ employees
Jul 08 2018

What is most valuable?

* Lowest false positive rate * Faster scanning time * Inline context-sensitive help and other supportive artifacts which help developers. * Customizable triage options * Integrations with CI/CD tools, etc.

How has it helped my organization?

* Ease of development teams to adopt. * Faster scanning * Lowest false positives * No unnecessary bloating of a huge defect list. These have helped us to focus on the things which need attention.

What needs improvement?

* Reporting engine needs to be more robust. * Custom reporting is a must have. * Perhaps, the availability of connectors to popular open source BI tools, such as BIRT, JasperReports, or Pentaho may add value.

Articles

User Assessments By Topic About Coverity

Find out what your peers are saying about Synopsys, SonarQube, Checkmarx and others in Application Security. Updated: October 2019.
372,622 professionals have used our research since 2012.

Coverity Questions

What is Coverity?

Synopsys Static Analysis helps reduce risk and lower overall project cost by identifying critical quality defects and potential security vulnerabilities during development, with accurate and actionable remediation guidance, based on patented techniques and a decade of research and development and analysis of over 10 billion lines of proprietary and open source code.
Also known as
Synopsys Static Analysis
BUYER'S GUIDE
Download our free Application Security Report and find out what your peers are saying about Synopsys, SonarQube, Checkmarx, and more!
Sign Up with Email