We performed a comparison between Coverity and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's very stable."
"Coverity is quite stable and we haven’t had any issues or any downtime."
"I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"It is a scalable solution."
"The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"The extension that it provides with the community version for the skills mapping is excellent."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The active scanner, which does an automated search of any web vulnerabilities."
"It offers very good accuracy. You can trust the results."
"The initial setup is simple."
"SCM integration is very poor in Coverity."
"The product lacks sufficient customization options."
"The solution's user interface and quality gate could be improved."
"The quality of the code needs improvement."
"They could improve the usability. For example, how you set things up, even though it's straightforward, it could still be easier."
"It should be easier to specify your own validation routines and sanitation routines."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"We use GitHub and Gitflow, and Coverity does not fit with Gitflow. I have to create a screen for our branches, and it's a pain for developers. It has been difficult to integrate Coverity with our system."
"There should be a heads up display like the one available in OWASP Zap."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"In the Professional version, we cannot link it with the CI/CD process."
"The technical support team's response time is mostly delayed and should be improved."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"Sometimes the solution can run a little slow."
"If your application uses multi-factor authentication, registration management cannot be automated."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews. Coverity is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.