Coverity vs Polyspace Code Prover Comparison 2024

Coverity

Polyspace Code Prover

Coverity

Read 34 Coverity reviews

17,611 views|11,474 comparisons

Polyspace Code Prover

Read 5 Polyspace Code Prover reviews

1,751 views|1,137 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Static Application Security Testing (SAST)

June 2024

Executive Summary

We performed a comparison between Coverity and Polyspace Code Prover based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: June 2024).

Download the complete report

772,649 professionals have used our research since 2012.

Featured Review

Arun Dahiphale

Technical Architect at Elastic Care Inc

Improves code quality and security and provides an informative dashboard and professional-looking reports

The solution has improved our code quality and security very well. It has multiple reports. I wanted good reports as evidence that we are doing... Read more →

Anonymous User

Sw expert at a manufacturing company

Enhanced our code verification process but it crashes on large applications

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"Coverity gives advisory and deviation features, which are some of the parts I liked.""Coverity is quite stable and we haven’t had any issues or any downtime.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at.""The app analysis is the most valuable feature as I know other solutions don't have that.""One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited.""It's very stable.""Coverity is easy to set up and has a less lengthy process to find vulnerabilities.""The security analysis features are the most valuable features of this solution."

More Coverity Pros →

"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect.""The outputs are very reliable.""The product detects memory corruptions.""Polyspace Code Prover is a very user-friendly tool.""When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."

More Polyspace Code Prover Pros →

Cons

"The tool needs to improve its reporting.""The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming.""They could improve the usability. For example, how you set things up, even though it's straightforward, it could be still be easier.""Coverity is not stable.""Ideally, it would have a user-based license that does not have a restriction in the number of lines of code.""The product should include more customization options. The analytics is not as deep as compared to SonarQube.""The product lacks sufficient customization options.""There should be additional IDE support."

More Coverity Cons →

"Automation could be a challenge.""I'd like the data to be taken from any format.""The tool has some stability issues.""One of the main disadvantages is the time it takes to initiate the first run.""Using Code Prover on large applications crashes sometimes."

More Polyspace Code Prover Cons →

Pricing and Cost Advice

"Coverity is quite expensive."

"The licensing fees are based on the number of lines of code."

"The price is competitive with other solutions."

"It is expensive."

"Coverity is very expensive."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

"The pricing is very reasonable compared to other platforms. It is based on a three year license."

"The pricing is on the expensive side, and we are paying for a couple of items."

More Coverity Pricing and Cost Advice →

"We use the paid version."

More Polyspace Code Prover Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See Recommendations

772,649 professionals have used our research since 2012.

Questions from the Community

How would you decide between Coverity and Sonarqube?

Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »

What do you like most about Coverity?

Top Answer:The solution has improved our code quality and security very well.

Read all 23 answers →

What is your experience regarding pricing and costs for Coverity?

Top Answer:We use the paid version.

Read all 4 answers →

What needs improvement with Polyspace Code Prover?

Top Answer:There are two main areas of improvement. * False negatives and false positives. * The speed of the validation itself. Another area I see for improvement is scalability, particularly when dealing with… more »

Read all 5 answers →

Ranking

4th

out of 71 in Static Application Security Testing (SAST)

Views

17,611

Comparisons

11,474

Reviews

Average Words per Review

382

Rating

8.0

23rd

out of 74 in Application Security Tools

Views

1,751

Comparisons

1,137

Reviews

Average Words per Review

656

Rating

7.6

Comparisons

SonarQube vs. Coverity

Compared 51% of the time.

Klocwork vs. Coverity

Compared 8% of the time.

Fortify on Demand vs. Coverity

Compared 7% of the time.

Checkmarx One vs. Coverity

Compared 6% of the time.

Polaris Software Integrity Platform vs. Coverity

Compared 3% of the time.

More Coverity Competitors →

SonarQube vs. Polyspace Code Prover

Compared 32% of the time.

Klocwork vs. Polyspace Code Prover

Compared 17% of the time.

CodeSonar vs. Polyspace Code Prover

Compared 7% of the time.

Parasoft SOAtest vs. Polyspace Code Prover

Compared 6% of the time.

GitLab vs. Polyspace Code Prover

Compared 3% of the time.

More Polyspace Code Prover Competitors →

Also Known As

Synopsys Static Analysis

Learn More

Synopsys

MathWorks

Video Not Available

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

Polyspace Code Prover is a sound static analysis tool that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code. It produces results without requiring program execution, code instrumentation, or test cases. Polyspace Code Prover uses semantic analysis and abstract interpretation based on formal methods to verify software interprocedural, control, and data flow behavior. You can use it on handwritten code, generated code, or a combination of the two. Each operation is color-coded to indicate whether it is free of run-time errors, proven to fail, unreachable, or unproven.

Sample Customers

MStar Semiconductor, Alcatel-Lucent

Alenia Aermacchi, CSEE Transport, Delphi Diesel Systems, EADS, Institute for Radiological Protection and Nuclear Safety, Korean Air, KOSTAL, Miracor, NASA Ames Research Center

Top Industries

REVIEWERS

Manufacturing Company36%

Comms Service Provider20%

Computer Software Company20%

Retailer8%

VISITORS READING REVIEWS

Manufacturing Company29%

Computer Software Company16%

Financial Services Firm7%

Government4%

VISITORS READING REVIEWS

Manufacturing Company34%

Computer Software Company15%

Transportation Company7%

Retailer5%

Company Size

REVIEWERS

Small Business16%

Midsize Enterprise14%

Large Enterprise70%

VISITORS READING REVIEWS

Small Business13%

Midsize Enterprise10%

Large Enterprise76%

VISITORS READING REVIEWS

Small Business16%

Midsize Enterprise9%

Large Enterprise75%

Coverity vs Polyspace Code Prover comparison