We performed a comparison between Coverity and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"It is a scalable solution."
"The most valuable feature is the integration with Jenkins."
"The solution has helped to increase staff productivity and improved our work significantly by approximately 20 percent."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"It's pretty stable. I rate the stability of Coverity nine out of ten."
"Provides software security, and helps to find potential security bugs or defects."
"We were very comfortable with the initial setup."
"The vulnerability management feature is a strong one. And also the patch management feature."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"It is a good product for website penetration testing to detect vulnerabilities."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"The interface is user-friendly and easy to understand."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues."
"We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now. Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."
"The reporting tool integration process is sometimes slow."
"Sometimes it's a bit hard to figure out how to use the product’s UI."
"The product lacks sufficient customization options."
"We'd like it to be faster."
"Some features are not performing well, like duplicate detection and switch case situations."
"The setup takes very long."
"Its price can be improved. Price is always an issue with Synopsys."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"There could be better management and faster scanning."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"There should be better visibility into the application."
"Deployment can be complicated."
"The pricing does not seem to be competitive."
"The reporting contains too many false positives."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Qualys Web Application Scanning is ranked 14th in Static Application Security Testing (SAST) with 31 reviews. Coverity is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.