We performed a comparison between Coverity and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the most valuable features is Contributing Events. That particular feature helps the developer understand the root cause of a defect. So you can locate the starting point of the defect and figure out exactly how it is being exploited."
"It is a scalable solution."
"I encountered a bug with Coverity, and I opened a ticket. Support provided me with a workaround. So it's working at the moment, or at least it seems to be."
"The solution has improved our code quality and security very well."
"The product has been beneficial in logging functionality, allowing me to categorize vulnerabilities based on severity. This aids in providing updated reports on subsequent scans."
"The most valuable feature of Coverity is its software security feature called the Checker. If you share some vulnerability or weakness then the software can find any potential security bug or defect. The code integration tool enables some secure coding standards and implements some Checkers for Live Duo. So we can enable secure coding and Azure in this tool. So in our software, we can make sure our software combines some industry supervised data."
"We were very comfortable with the initial setup."
"The app analysis is the most valuable feature as I know other solutions don't have that."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"It works with many different products."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"It is easy to use."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"It is a very stable solution."
"The product prevents possible vulnerabilities in our network."
"Right now, the Coverity executable is around 1.2GB to download. If they can reduce it to approximately 600 or 700MB, that would be great. If they decrease the executable, it will be much easier to work in an environment like Docker."
"Reporting engine needs to be more robust."
"Its price can be improved. Price is always an issue with Synopsys."
"The setup takes very long."
"SCM integration is very poor in Coverity."
"The solution's user interface and quality gate could be improved."
"Coverity could improve the ease of use. Sometimes things become difficult and you need to follow the guides from the website but the guides could be better."
"The product lacks sufficient customization options."
"There should be better visibility into the application."
"The product should allow users to upload their payloads."
"The reporting contains too many false positives."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The pricing does not seem to be competitive."
"There could be better management and faster scanning."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"The scanner reports a lot of false positives, which is something that needs to be improved."
More Qualys Web Application Scanning Pricing and Cost Advice →
Coverity is ranked 4th in Static Application Security Testing (SAST) with 34 reviews while Qualys Web Application Scanning is ranked 14th in Static Application Security Testing (SAST) with 31 reviews. Coverity is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Coverity writes "Best SAST tool to check software quality issues". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Coverity is most compared with SonarQube, Klocwork, Fortify on Demand, Checkmarx One and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect. See our Coverity vs. Qualys Web Application Scanning report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.