• Home
  • Coverity vs. Invicti

Coverity vs Invicti comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Coverity
Read 34 Coverity reviews
17,611 views|11,474 comparisons
89% willing to recommend
Invicti Logo
Invicti
Read 25 Invicti reviews
3,973 views|2,048 comparisons
96% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Coverity vs. Invicti
May 2024
Executive Summary

We performed a comparison between Coverity and Invicti based on real PeerSpot user reviews.

Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Coverity vs. Invicti Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Akshay Pawar
A tool to fix bug issues and detect errors with code analysis
The ability of Coverity to fix bug issues is important to me. Coverity actually helps to debug and deal really fast when it comes to code analysis.... Read more →
Amr Abdelnaser
A safe solution used to detective vulnerabilities for dynamic and complex testing
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be.""We were very comfortable with the initial setup.""The ability to scan code gives us details of existing and potential vulnerabilities. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time.""Coverity gives advisory and deviation features, which are some of the parts I liked.""I like Coverity's capability to scan codes once we push it. We don't need more time to review our colleagues' codes. Its UI is pretty straightforward.""Coverity is scalable.""It provides reports about a lot of potential defects.""The most valuable feature is that there were not a whole lot of false positives, at least on the codebases that I looked at."

More Coverity Pros →

"Invicti's best feature is the ability to identify vulnerabilities and manually verify them.""The best features of Invicti are its ability to confirm access vulnerabilities, SSL injection vulnerabilities, and its connectors to other security tools.""The scanner and the result generator are valuable features for us.""The scanner is light on the network and does not impact the network when scans are running.""One of the features I like about this program is the low number of false positives and the support it offers.""This tool is really fast and the information that they provide on vulnerabilities is pretty good.""I am impressed with Invictus’ proof-based scanning. The solution has reduced the incidence of false positive vulnerabilities. It has helped us reduce our time and focus on vulnerabilities.""High level of accuracy and quick scanning."

More Invicti Pros →

Cons
"The product should include more customization options. The analytics is not as deep as compared to SonarQube.""Sometimes, vulnerabilities remain unidentified even after setting up the rules.""The setup takes very long.""It would be great if we could customize the rules to focus on critical issues.""Coverity is far from perfection, and I'm not 100 percent sure it's helping me find what I need to find in my role. We need exactly what we are looking for, i.e. security errors and vulnerabilities. It doesn't seem to be reporting while we are changing our code.""Sometimes it's a bit hard to figure out how to use the product’s UI.""Some features are not performing well, like duplicate detection and switch case situations.""We actually specified several checkers, but we found some checkers had a higher false positive rate. I think this is a problem. Because we have to waste some time is really the issue because the issue is not an issue. I mean, the tool pauses or an issue, but the same issue is the filter now.Some check checkers cannot find some issues, but sometimes they find issues that are not relevant, right, that are not really issues. Some customisation mechanism can be added in the next release so that we can define our Checker. The Modelling feature provided by Coverity helps in finding more information for potential issues but it is not mature enough, it should be mature. The fast testing feature for security testing campaign can be added as well. So if you correctly integrate it with the training team, maybe you can help us to find more potential issues."

More Coverity Cons →

"Invicti takes too long with big applications, and there are issues with the login portal.""The scannings are not sufficiently updated.""The licensing model should be improved to be more cost-effective. There are URL restrictions that consume our license. Compared to other DAST solutions and task tools like WebInspect and Burp Enterprise, Invicti is very expensive. The solution’s scanning time is also very long compared to other DAST tools. It might be due to proof-based scanning.""The higher level vulnerabilities like Cross-Site Scripting, SQL Injection, and other higher level injection attacks are difficult to highlight using Netsparker.""Right now, they are missing the static application security part, especially web application security.""The support's response time could be faster since we are in different time zones.""The scanner itself should be improved because it is a little bit slow.""Netsparker doesn't provide the source code of the static application security testing."

More Invicti Cons →

Pricing and Cost Advice
  • "Coverity is quite expensive."
  • "The licensing fees are based on the number of lines of code."
  • "The price is competitive with other solutions."
  • "It is expensive."
  • "Coverity is very expensive."
  • "This is a pretty expensive solution. The overall value of the solution could be improved if the price was reduced. Licensing is done on an annual basis."
  • "The pricing is very reasonable compared to other platforms. It is based on a three year license."
  • "The pricing is on the expensive side, and we are paying for a couple of items."

    • More Coverity Pricing and Cost Advice →

  • "It is competitive in the security market."
  • "OWASP Zap is free and it has live updates, so that's a big plus."
  • "We never had any issues with the licensing; the price was within our assigned limits."
  • "I think that price it too high, like other Security applications such as Acunetix, WebInspect, and so on."
  • "The price should be 20% lower"
  • "Netsparker is one of the costliest products in the market. It would help if they could allow us to scan multiple URLs on the same license."
  • "We are using an NFR license and I do not know the exact price of the NFR license. I think 20 FQDN for three years would cost around 35,000 US Dollars."
  • "Invicti is best suited for large enterprises. I don't think small and medium-sized businesses can afford it. Maintenance costs aren't that great."

    • More Invicti Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    How would you decide between Coverity and Sonarqube?
    Top Answer:We researched Coverity, but in the end, we chose SonarQube. SonarQube is a tool for reviewing code quality and security. It helps to guide our development teams during code reviews by providing… more »
    What do you like most about Coverity?
    Top Answer:The solution has improved our code quality and security very well.
    Read all 23 answers   →
    What is your experience regarding pricing and costs for Coverity?
    Top Answer:The tool was fairly priced.
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Netsparker Web Ap...
    Top Answer:The solution is very expensive. It comes with a yearly subscription. We were paying 6000 dollars yearly for unlimited scans. We have three licenses; basic, business, and ultimate. We need ultimate… more »
    Read all 5 answers   →
    What do you like most about Invicti?
    Top Answer:The most valuable feature of Invicti is getting baseline scanning and incremental scan.
    Read all 7 answers   →
    What needs improvement with Invicti?
    Top Answer:The solution's false positive analysis and vulnerability analysis libraries could be improved.
    Read all 7 answers   →
    Ranking
    4th
    out of 71 in Static Application Security Testing (SAST)
    Views
    17,611
    Comparisons
    11,474
    Reviews
    22
    Average Words per Review
    382
    Rating
    8.0
    15th
    out of 71 in Static Application Security Testing (SAST)
    Views
    3,973
    Comparisons
    2,048
    Reviews
    5
    Average Words per Review
    340
    Rating
    8.6
    Comparisons
    SonarQube logo
    SonarQube vs. Coverity
    Compared 51% of the time.
    Klocwork logo
    Klocwork vs. Coverity
    Compared 9% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Coverity
    Compared 7% of the time.
    Checkmarx One logo
    Checkmarx One vs. Coverity
    Compared 6% of the time.
    Veracode logo
    Veracode vs. Coverity
    Compared 5% of the time.
    More Coverity Competitors   →
    OWASP Zap logo
    OWASP Zap vs. Invicti
    Compared 19% of the time.
    Acunetix logo
    Acunetix vs. Invicti
    Compared 14% of the time.
    Fortify WebInspect logo
    Fortify WebInspect vs. Invicti
    Compared 6% of the time.
    More Invicti Competitors   →
    Also Known As
    Synopsys Static Analysis
    Mavituna Netsparker
    Learn More
    Synopsys
    Invicti
    Overview

    Coverity gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix. With the Code Sight integrated development environment (IDE) plugin, developers get accurate analysis in seconds in their IDE as they code. Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. 

    Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.

    Invicti helps DevSecOps teams automate security tasks and save hundreds of hours each month by identifying web vulnerabilities that matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss with 99.98% accuracy, delivering on the promise of Zero Noise AppSec. Invicti helps discover all web assets — even ones that are lost, forgotten, or created by rogue departments. With an array of out-of-the-box integrations, DevSecOps teams can get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively while reducing risk and hitting the ROI goals.

    Sample Customers
    MStar Semiconductor, Alcatel-Lucent
    Samsung, The Walt Disney Company, T-Systems, ING Bank
    Top Industries
    REVIEWERS
    Manufacturing Company36%
    Comms Service Provider20%
    Computer Software Company20%
    Retailer8%
    VISITORS READING REVIEWS
    Manufacturing Company29%
    Computer Software Company16%
    Financial Services Firm7%
    Government4%
    REVIEWERS
    Computer Software Company36%
    Financial Services Firm18%
    Aerospace/Defense Firm9%
    Real Estate/Law Firm9%
    VISITORS READING REVIEWS
    Educational Organization51%
    Financial Services Firm8%
    Computer Software Company6%
    Manufacturing Company5%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business50%
    Midsize Enterprise12%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise58%
    Large Enterprise34%
    Buyer's Guide
    Coverity vs. Invicti
    May 2024
    Free Report: Coverity vs. Invicti
    Find out what your peers are saying about Coverity vs. Invicti and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Invicti is ranked 15th in Static Application Security Testing (SAST) with 25 reviews. Coverity is rated 7.8, while Invicti is rated 8.2. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Invicti writes "A customizable security testing solution with good tech support, but the price could be better". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Invicti is most compared with OWASP Zap, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Fortify WebInspect. See our Coverity vs. Invicti report.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.