It taking compliance with standards like MISRA is crucial, especially for the automotive market.

The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data.

The scan of the repository has been most effective in identifying critical vulnerabilities. The product provided visibility over security-related issues like hard coding and values getting exposed in a log. It helped us resolve difficult issues. With CI/CD integration, we could scan the incremental commits done by different developers. We were able to report them, and the developers were able to fix them.

The product identifies the issues and has an informative dashboard that gives us strains of incremental issues and resolutions. It also keeps track of whether the reported issues were fixed and what the resolution was. Sometimes, we find duplicate issues. Those were very well managed from the dashboard. Our primary requirement was for compliance, and it was good. The reports were significant and looked very professional.

Coverity is the most popular product for scanning the code. It's much better than other products like Clockwork, PC Link, and other similar products. It's a better scanning product than others.

The app analysis is the most valuable feature as I know other solutions don't have that.

It's a good tool. The interface, support, pricing, and integration do not have any limitations.

The most valuable feature of Coverity is that it shows examples of what is actually wrong with the code.

The scanning ability of Coverity is good since it helps fix bug issues. The interface of Coverity is quite good, and it is also easy to use.

This product provides software security, and helps to find potential security bugs or defects with its checker feature. The solution also enables us to implement secure coding. 

This solution is easy to use. 

The solution effectively identifies bugs in code. 

The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans.

The most valuable feature is the security advisor. It also provides a very detailed report.

The solution has a low false positive rate compared to other vendors. Also, it can scan complex codes. In addition, it has the best features for trial analysis, integration, and language support.

They have a good memory-related box and a static order analysis that's very good, especially around leaks.

We were very comfortable with the initial setup.

It is stable.

Coverity's setup takes a long time. Coverity gives advisory and deviation features, which are some of the parts I liked.

The most valuable feature is the ability to find vulnerabilities in our code.

The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution.

• Lowest false positive rate
  
• Faster scanning time
• Inline context-sensitive help and other supportive artifacts which help developers.
• Customizable triage options
• Integrations with CI/CD tools, etc.

The product has deeper scanning capabilities. 

One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited. So contributing Events lets you create that kind of a workflow. 

We also need a tool that works in an environment that isn't dependent on the built environment. You point it to a folder. Then the tool picks it up, runs the scan, and gives you the report. That feature is available in Coverity. So you don't have to rely upon build artifacts or developer artifacts. So these are the two key features we use daily, and we've gotten good results. 

The security analysis features are the most valuable features of this solution. 

The product has good API documentation. I’m quite happy with it. The product is easy to use.

The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.

Coverity is easy to set up and has a less lengthy process to find vulnerabilities.

I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward. 

The features I find most valuable is that our entire company can publish the analysis results into our central space. That allows us to see the latest quality of all components on the sonar web page.

The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time.

• I like that it gives advice and training on how to resolve the most common quality issues. 
• Links to more details on each issue and the background and risks.
  

It provides reports about a lot of potential defects.

The most valuable feature is the integration with Jenkins. Jenkins can be used to automatically run it to perform the code analysis.

Integration with GitLab is helpful.

It improves the quality of my work.