Coverity vs Fortify Software Security Center comparison

Black Duck and OpenText are both solutions in the Static Application Security Testing (SAST) category. Black Duck is ranked #4 with an average rating of 8.0, while OpenText is ranked #26 with an average rating of 8.3. Black Duck holds a 8.0% mindshare in SAST, compared to OpenText’s 0.4% mindshare. Additionally, 88% of Black Duck users are willing to recommend the solution, compared to 100% of OpenText users who would recommend it.

Coverity

Read 42 Coverity reviews

11,969 Views
8,281 Comparison Views

88% willing to recommend

Fortify Software Security C...

Read 6 Fortify Software Security Center reviews

437 Views
319 Comparison Views

100% willing to recommend

Coverity

Fortify Software Security C...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Fortify Software Security Center and Coverity are leading competitors in the software security solutions category. Fortify appears to have an edge in data comparisons, primarily due to pricing and support, while Coverity stands out with comprehensive features, offering significant value despite its higher cost.

Features: Fortify Software Security Center is noted for its comprehensive integration with development tools, strong vulnerability detection capabilities, and broad tool integration. Coverity is valued for its precise static analysis, ease of integration in multiple environments, and superior static analysis precision.

Room for Improvement: Fortify Software Security Center users pinpoint excessive false positives as a critical improvement area, along with a need for better detection accuracy and updates. Users of Coverity seek enhanced scalability, faster analysis times, and improved process efficiency.

Ease of Deployment and Customer Service: Fortify Software Security Center is easy to deploy, with supportive customer service guiding users through processes. Coverity has streamlined deployment and responsive service, though complex configurations can be challenging for some users.

Pricing and ROI: Fortify Software Security Center is perceived as cost-effective, offering a solid ROI, appealing to budget-conscious buyers. Coverity, although more expensive, is justified by high ROI, driven by its advanced and reliable features.

To learn more, read our detailed Coverity vs. Fortify Software Security Center Report (Updated: April 2025).

Buyer's Guide

Coverity vs. Fortify Software Security Center

April 2025

Download the complete report

Helped 847,625 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Coverity

Ranking in Static Application Security Testing (SAST)

4th

Average Rating

7.8

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Fortify Software Security C...

Ranking in Static Application Security Testing (SAST)

26th

Average Rating

7.8

Reviews Sentiment

8.3

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of April 2025, in the Static Application Security Testing (SAST) category, the mindshare of Coverity is 8.0%, up from 7.0% compared to the previous year. The mindshare of Fortify Software Security Center is 0.4%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Featured Reviews

Md. Shahriar Hussain

Information Security Analyst at Banglalink

Offers impressive reporting features with user-friendliness and high scalability

The solution can be easily setup but requires heavy integration due to the multiple types of port and programming languages involved. Comparing the resource requirements of the solution I would say it can be installed effortlessly. I would rate the initial setup an eight out of ten. A professional needs some pre-acquired knowledge to manage Coverity's deployment process, but the local solution partners provide support well enough for trouble-free deployment. The overall deployment process of Coverity took around two and a half hours in our organization. The deployment duration depends upon the operating system and resources including high-end RAM and CPU processors.

Read full review

Jonathan Steyn

Principal Technical Consultant at EOH

Comprehensive vulnerability analysis and customization features with decent pricing

Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances. WebInspect supports a number of APIs and web endpoints. I find its feature of macro recording allows for testing vulnerabilities during multi-factor authentication sessions very valuable. I appreciate the ability to further analyze data with tools like Audit Workbench.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."

"The most valuable feature is the integration with Jenkins."

"It help us identify the latest security vulnerabilities."

"The most valuable feature of Coverity is the wrapper. We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. Additionally, it is a powerful capabilities solution."

"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."

"In my opinion, the most effective Coverity feature for identifying critical vulnerabilities is the extra checks, which offers deep analysis."

"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."

"The solution has improved our code quality and security very well."

More Coverity pros

"Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances."

"The reporting is very useful because you can always view an entire list of the issues that you have."

"I like the explanation of issues provided by Fortify Software Security Center."

"You can easily download the tool's rule packs and update them."

"This is a stable solution at the end of the day."

"Fortify Analytics' AI function helps scan and provides more detailed explanations and recommendations about vulnerabilities."

"The overall rating for this tool is ten out of ten."

Cons

"The quality of the code needs improvement."

"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."

"The solution is a bit complex to use in comparison to other products that have many plugins."

"Coverity takes a lot of time to dereference null pointers."

"SCM integration is very poor in Coverity."

"The solution needs to improve its false positives."

"The product could be enhanced by providing video troubleshooting guides, making issue resolution more accessible. Troubleshooting without visual guides can be time-consuming."

"It would be great if we could customize the rules to focus on critical issues."

More Coverity cons

"Improvements needed for Software Security Center include better aggregation views of datasets."

"I am not satisfied with the percentage of false positives, which is around eighteen percent."

"The product's overlap feature is restrictive and requires more customization efforts, which can be expensive."

"We are having issues with false positives that need to be resolved."

"Improvements needed for Software Security Center include better aggregation views of datasets."

"Fortify Software Security Center's setup is really painful."

"This solution is difficult to implement, and it should be made more comfortable for the end-users."

Pricing and Cost Advice

"I would rate the tool's pricing a one out of ten."

"The solution is affordable."

"The price is competitive with other solutions."

"The tool was fairly priced."

"Coverity’s price is on the higher side. It should be lower."

"The licensing fees are based on the number of lines of code."

"Coverity is quite expensive."

"This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."

More Coverity pricing and cost advice

"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."

"This is a costly solution that could be cheaper."

"The solution is priced fair."

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

847,625 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

33%

Computer Software Company

14%

Financial Services Firm

Government

Manufacturing Company

20%

Financial Services Firm

17%

Computer Software Company

12%

Real Estate/Law Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How would you decide between Coverity and Sonarqube?

We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...

See all answers

What do you like most about Coverity?

The solution has improved our code quality and security very well.

See all answers

What is your experience regarding pricing and costs for Coverity?

I do not know about the pricing.

See all answers

What do you like most about Micro Focus Software Security Center?

You can easily download the tool's rule packs and update them.

See all answers

What is your experience regarding pricing and costs for Micro Focus Software Security Center?

In the beginning, it was difficult for me to verify that our usage of Fortify Software Security Center corresponded to the license and criteria. Now, we have negotiated a number of details to respe...

See all answers

What needs improvement with Micro Focus Software Security Center?

I would like the false positive issue to diminish. I have experienced a lot of false positives, but I think this is due to using an older version. I hope the new version will resolve my problem.

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs Coverity

Compared 50% of the time

Klocwork vs Coverity

Compared 6% of the time

Fortify on Demand vs Coverity

Compared 6% of the time

Polyspace Code Prover vs Coverity

Compared 5% of the time

Veracode vs Coverity

Compared 5% of the time

More Coverity Competitors

Fortify on Demand vs Fortify Software Security Center

Compared 61% of the time

Acunetix vs Fortify Software Security Center

Compared 39% of the time

More Fortify Software Security Center Competitors

Product Reports

Buyer's Guide

Coverity

April 2025

Download Coverity product report

Buyer's Guide

Static Application Security Testing (SAST)

April 2025

Download Fortify Software Security Center product report

Also Known As

Synopsys Static Analysis

Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.

Black Duck

Software Security Center enables management, development, and security teams to work together to triage, track, validate, automate, and manage software security activities.

OpenText

Sample Customers

SAP, Mega International, Thales Alenia Space

Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon

Buyer's Guide

Coverity vs. Fortify Software Security Center

April 2025

Free Report: Coverity vs. Fortify Software Security Center

Find out what your peers are saying about Coverity vs. Fortify Software Security Center and other solutions. Updated: April 2025.

DOWNLOAD NOW

847,625 professionals have used our research since 2012.

See our Coverity vs. Fortify Software Security Center report.

See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.