Kiuwan and Coverity Static are important players in the static analysis tools category. Kiuwan is preferred for its competitive pricing and rapid scanning, whereas Coverity Static holds an advantage with its comprehensive features and low false-positive rate.
Features: Kiuwan offers quick scanning processes and is praised for ease of integration with Jenkins. It supports a broad technology stack and provides effective vulnerability identification both locally and in cloud environments. Coverity Static is notable for its low false-positive rate, deep scanning capabilities, and strong integration with CI/CD pipelines across multiple programming languages.
Room for Improvement: Users suggest Kiuwan needs to expand its supported languages and enhance integration with popular tools like Visual Studio. There's also a call for improved user interface and reporting capabilities. Coverity Static could improve on reducing false positives, offering more user-friendly reporting, and creating a more accessible graphical interface. Both tools can benefit from broader language support and easier customization.
Ease of Deployment and Customer Service: Kiuwan supports flexible deployment options in public and hybrid clouds, while Coverity primarily relies on on-premises solutions. Kiuwan's customer service could be quicker and offer more interaction options. In contrast, Coverity's support is viewed positively for its responsiveness and extensive documentation, though some users experience delays in issue resolution.
Pricing and ROI: Kiuwan appeals to smaller businesses with its pricing per line of code model, showing improvements in development speed and code quality. Coverity Static offers a comprehensive feature set, though it is seen as costly for larger teams due to user-based pricing. Users suggest more flexible pricing models to increase adoption.
| Product | Market Share (%) |
|---|---|
| Coverity Static | 4.0% |
| Kiuwan | 1.0% |
| Other | 95.0% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 6 |
| Large Enterprise | 31 |
| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 4 |
| Large Enterprise | 6 |
Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.
Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.
Software analytics technology with a breadth of third party integrations that takes into account the wealth of applications your teams are currently using.
We facilitate and encourage work between unlocalized teams. We understand the complexity of working on multi technology environments, constantly striving to increase the number of programming languages and technologies we support.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
