Coverity Static vs Tenable Security Center comparison

The compared Black Duck and Tenable solutions aren't in the same category. Black Duck is ranked #4 in SAST , with an average rating of 8.0, and holds a 6.3% mindshare in the category. Tenable is ranked #3 in RBVM , with an average rating of 8.7, and holds a 9.9% mindshare. Additionally, 89% of Black Duck users are willing to recommend the solution, compared to 96% of Tenable users who would recommend it.

Coverity Static

Read 43 Coverity Static reviews

12,008 Views
10,207 Comparison Views

89% willing to recommend

Tenable Security Center

Read 55 Tenable Security Center reviews

8,545 Views
3,931 Comparison Views

96% willing to recommend

Coverity Static

Tenable Security Center

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Coverity Static and Tenable Security Center based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: August 2025).

Buyer's Guide

Static Application Security Testing (SAST)

August 2025

Download the complete report

Helped 867,497 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Coverity Static

Average Rating

7.8

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Static Application Security Testing (SAST) (4th)

Tenable Security Center

Average Rating

8.2

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Vulnerability Management (4th), Cloud Security Posture Management (CSPM) (10th), Risk-Based Vulnerability Management (3rd)

Mindshare comparison

Coverity Static and Tenable Security Center aren’t in the same category and serve different purposes. Coverity Static is designed for Static Application Security Testing (SAST) and holds a mindshare of 6.3%, down 7.1% compared to last year.
Tenable Security Center, on the other hand, focuses on Risk-Based Vulnerability Management, holds 9.9% mindshare, down 20.9% since last year.

Static Application Security Testing (SAST) Market Share Distribution
Product	Market Share (%)
Coverity	6.3%
SonarQube Server (formerly SonarQube)	20.3%
Checkmarx One	9.9%
Other	63.5%

Static Application Security Testing (SAST)

Risk-Based Vulnerability Management Market Share Distribution
Product	Market Share (%)
Tenable Security Center	9.9%
Qualys VMDR	16.1%
Rapid7 InsightVM	14.2%
Other	59.8%

Risk-Based Vulnerability Management

Featured Reviews

Jaile Sebes

Senior Software Architect at Siemens Industry

Resolving critical software issues demands faster implementation and better integration

We use Coverity primarily to find issues such as software bugs and memory leaks, especially in C++ and C# projects. It helps us identify deadlocks, synchronization issues, and product crashes Coverity has been instrumental in resolving product crashes by detecting various issues like deadlocks.…

Read full review

OndrejKOVAC

Solution engineer at EXPERTience

Empower clients with risk-based vulnerability management through continuous workflow and valuable insights

Tenable Security Center could improve by implementing more dynamic data displays and translating reports into European languages. This is especially relevant in Central Eastern Europe, where clients often require reports in local languages. Additionally, the licensing model could be more flexible for managed security providers, similar to a pay-as-you-go model.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Coverity is easy to set up and has a less lengthy process to find vulnerabilities."

"Coverity is quite stable and we haven’t had any issues or any downtime."

"The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."

"We were very comfortable with the initial setup."

"Considering the analysis part and the benchmarking process involving the product that my company carried out, the solution is good for finding bugs and violations"

"The tool as it is can be used for code quality improvement."

"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."

"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."

More Coverity Static pros

"The initial setup process is simple."

"The most valuable feature of the product is the Assurance Report Card, which gives us an overview of the security poster in just a simple glance."

"I find Tenable SC to be a very scalable product."

"The predictive prioritization features are pretty good. They do a lot of research and we trust the research that they do internally. They have knowledge of what's going on with many companies, where we only get a view into what's going on here. So the ability to get best practices out of them as part of this solution, is valuable to us."

"The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs."

"The product is our second solution, and we are happy that it meets our requirements."

"The most valuable features in Tenable SC are scanning and analysis."

"Tenable.sc's best features are the availability model, accident management, and scoring."

More Tenable Security Center pros

Cons

"There should be additional IDE support."

"Reporting engine needs to be more robust."

"The solution is a bit complex to use in comparison to other products that have many plugins."

"The quality of the code needs improvement."

"SCM integration is very poor in Coverity."

"Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code."

"We'd like it to be faster."

"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."

More Coverity Static cons

"We are facing some challenges related to our channel."

"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."

"Current web page needs improvement, slows down processes."

"The solution is expensive."

"The reporting needs a lot of work on the template."

"The solution's user interface has some issues."

"Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection."

"Tenable SC could improve by making the creation of the initial reports easier that correspond to our network."

More Tenable Security Center cons

Pricing and Cost Advice

"Coverity’s price is on the higher side. It should be lower."

"Offers varying prices for different companies"

"I would rate the tool's pricing a one out of ten."

"The price is competitive with other solutions."

"The solution's pricing is comparable to other products."

"Depending on the usage types, one has to opt for different types of licenses from Coverity, especially to be able to use areas like report viewing or report generation."

"The pricing is very reasonable compared to other platforms. It is based on a three year license."

"The tool was fairly priced."

More Coverity Static pricing and cost advice

"The tool costs around 15,000 Saudi riyals monthly."

"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."

"We're a Fortune 500 company... our licensing costs [are] in the seven figures."

"It is slightly more expensive than other solutions in the same sphere."

"The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."

"The pricing depends upon the number of IPs."

"It is a bit expensive. Everything is included in the license."

"The licensing costs for this solution are approximately $100,000 US, and I think that covers everything."

More Tenable Security Center pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See recommendations

867,497 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

32%

Computer Software Company

14%

Financial Services Firm

Government

Financial Services Firm

12%

Computer Software Company

11%

Government

10%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	6
Large Enterprise	31

By reviewers
Company Size	Count
Small Business	22
Midsize Enterprise	10
Large Enterprise	26

Questions from the Community

How would you decide between Coverity and Sonarqube?

We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing rem...

See all answers

What do you like most about Coverity?

The solution has improved our code quality and security very well.

See all answers

What is your experience regarding pricing and costs for Coverity?

I do not know about the pricing.

See all answers

What do you like most about Tenable SC?

The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs.

See all answers

What is your experience regarding pricing and costs for Tenable SC?

The price of Tenable Security Center is not so high; it's relatively a cheaper solution.

See all answers

What needs improvement with Tenable SC?

The reason for rating it an eight out of ten is that the initial setup could be easier; the setup is rather difficult, and that's why we are focusing on the initial hearing.

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs Coverity Static

Compared 41% of the time

Klocwork vs Coverity Static

Compared 8% of the time

Polyspace Code Prover vs Coverity Static

Compared 6% of the time

OpenText Core Application Security vs Coverity Static

Compared 6% of the time

CodeSonar vs Coverity Static

Compared 6% of the time

More Coverity Static Competitors

Qualys VMDR vs Tenable Security Center

Compared 12% of the time

Rapid7 InsightVM vs Tenable Security Center

Compared 11% of the time

Tenable Nessus vs Tenable Security Center

Compared 10% of the time

Tenable Vulnerability Management vs Tenable Security Center

Compared 8% of the time

The NodeZero Platform vs Tenable Security Center

Compared 7% of the time

More Tenable Security Center Competitors

Product Reports

Buyer's Guide

Coverity Static

September 2025

Download Coverity Static product report

Buyer's Guide

Tenable Security Center

August 2025

Download Tenable Security Center product report

Also Known As

Synopsys Static Analysis

Tenable.sc, Tenable Unified Security, Tenable SecurityCenter

Overview

Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts.

Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports more than 20 languages and 200 frameworks and templates.

Black Duck

Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.

Managed on-premises and powered by Nessus technology, the Tenable Security Center (formerly Tenable.sc) suite of products provides the industry’s most comprehensive vulnerability coverage with real-time continuous assessment of your network. It’s your complete end-to-end vulnerability management solution.

Tenable

Sample Customers

SAP, Mega International, Thales Alenia Space

IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific

Buyer's Guide

Static Application Security Testing (SAST)

August 2025

Download Free Report

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: August 2025.

DOWNLOAD NOW

867,497 professionals have used our research since 2012.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.