We performed a comparison between Coverity and Synopsys Code Dx based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST)."The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."
"It's very stable."
"It has the lowest false positives."
"The product has deeper scanning capabilities."
"The product is easy to use."
"It is a scalable solution."
"The most valuable feature is the integration with Jenkins."
"The solution effectively identifies bugs in code."
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."
"The solution is a bit complex to use in comparison to other products that have many plugins."
"Coverity takes a lot of time to dereference null pointers."
"The quality of the code needs improvement."
"The setup takes very long."
"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."
"The solution's user interface and quality gate could be improved."
"The tool needs to improve its reporting."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Synopsys Code Dx is ranked 32nd in Static Application Security Testing (SAST) with 1 review. Coverity is rated 7.8, while Synopsys Code Dx is rated 0.0. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Synopsys Code Dx is most compared with Veracode, Checkmarx One and SonarQube.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.