We performed a comparison between Coverity and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's pretty stable. I rate the stability of Coverity nine out of ten."
"The solution effectively identifies bugs in code."
"The reporting feature is up to the mark."
"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."
"It provides reports about a lot of potential defects."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"We use Kiuwan to locate the source of application vulnerabilities."
"I've found the reporting features the most helpful."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The solution offers very good technical support."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"Software analytics for a lot of different languages including ABAP."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"It should be easier to specify your own validation routines and sanitation routines."
"Ideally, it would have a user-based license that does not have a restriction in the number of lines of code."
"The level of vulnerability that this solution covers could be improved compared to other open source tools."
"Reporting engine needs to be more robust."
"Coverity takes a lot of time to dereference null pointers."
"Sometimes, vulnerabilities remain unidentified even after setting up the rules."
"The reporting tool integration process is sometimes slow."
"The setup takes very long."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The development-to-delivery phase."
"The configuration hasn't been that good."
"The QA developer and security could be improved."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"It could improve its scalability abilities."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"I would like to see additional languages supported."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews. Coverity is rated 7.8, while Kiuwan is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Fortify on Demand. See our Coverity vs. Kiuwan report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.