We performed a comparison between Coverity and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"Coverity is scalable."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"This solution is easy to use."
"It provides reports about a lot of potential defects."
"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish."
"Key features allow creation of well-presented Wiki that includes ideas, development, and domains."
"We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"It is very flexible and easy because you can store data on cloud."
"Their CI/CD engine is very mature. It's very comprehensive and flexible, and compared to other projects, I believe that GitLab is number one right now from that perspective."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"Some features are not performing well, like duplicate detection and switch case situations."
"There should be additional IDE support."
"The reporting tool integration process is sometimes slow."
"It would be great if we could customize the rules to focus on critical issues."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier."
"Reporting engine needs to be more robust."
"Coverity takes a lot of time to dereference null pointers."
"The setup takes very long."
"GitLab could add a plugin to integrate with Kubernetes stuff."
"The pricing model of GitLab is an issue for me."
"I would like to have some features to support peer review."
"We'd always like to see better pricing on the product."
"The documentation could be improved to help newcomers better understand things like creating new branches."
"We'd like to see better integration with the Atlassian ecosystem."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"As GitLab is not perfect, what needs improvement in the solution is the Wiki feature of the groups or the repertories because currently, it's not searchable by default. You'll need an indexing service such as Elasticsearch to make it searchable, and that requires too much work, so for me, it's the main feature that should be improved in GitLab. In the next version of the solution, from the top of my head, the documentation could be improved. Besides the Wiki, it would be good if there's documentation that would be automatically generated based on the code repository. In other words, there should be some tutorials from GitLab for developers in the next release."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while GitLab is ranked 8th in Static Application Security Testing (SAST) with 70 reviews. Coverity is rated 7.8, while GitLab is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Fortify Application Defender, whereas GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton. See our Coverity vs. GitLab report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.