We performed a comparison between Coverity and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"Coverity is scalable."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"The solution effectively identifies bugs in code."
"The feature I find most valuable is that our entire company can publish the analysis results into our central space."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"It was easy to set up."
"This solution saves us time due to the low number of false positives detected."
"The UI was very intuitive."
"The solution is easy to use."
"The most valuable feature of the solution is the scanning or security part."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"The security and the dashboard are the most valuable features."
"This is a stable solution."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"It should be easier to specify your own validation routines and sanitation routines."
"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."
"It would be great if we could customize the rules to focus on critical issues."
"The tool needs to improve its reporting."
"Coverity is not stable."
"Its price can be improved. Price is always an issue with Synopsys."
"When I put my code into Coverity for scanning, the code information of the product is in the system. The solution could be improved by providing a SBOM, a software bill of material."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
"It has crashed at times."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"The penetration testing feature should be included."
"They should have a better UI for dashboards."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"They have to improve support."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while HCL AppScan is ranked 12th in Static Application Security Testing (SAST) with 41 reviews. Coverity is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of HCL AppScan writes "A stable and scalable product useful for application security scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP ZAP.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.