Coverity Reviews

It is a software with a very large utility. It is quite complete, meets all the features and functions promised from the beginning. It allows finding solutions to errors or problems in the source code quickly and safely.

The interface makes the software use a little complicated, which is a bit annoying. In general, the software works excellently, without any inconvenience, all the reports so far are completely complete and detailed.

Coverity is an indispensable tool for the website. It is fast and efficient, until now it has never failed us. It is really a useful and sustainable tool. I recommend that you try it and so you can receive all the great benefits.

Coverity and its great functions has provided protection and immediate security to our website. Now with quick and detailed reports we can identify any error or vulnerability in the source code and thus, amend our error and find quick and immediate solutions. The website thanks to this is more protected from any errors, customers have noticed the difference, because we feel completely satisfied, with this great benefit that Coverity has brought to our work.

What I like about this software is:

- Simple to use, it is not at all complicated to learn to use it.

- Quite complete, the features they have are practical and work very well.

- Provides reports of the complete information of the vulnerabilities and inconveniences that the source code of the page presents.

- Quick function.

- Deep analysis

- Help find systematic solutions.

What I do not like is that the interface is a bit complex, in my opinion, what bothers me a little and interferes with my work as it makes the use of software more difficult. However until now all the reports have been very complete and accurate, I can not complain about how great it has worked so far.

I recommend that you apply this software to your page and consult the complete reports that it provides, it offer the immediate results and detail in an effective way all the problems that the source code may have. This allows you to find quick solutions that are beneficial to your company. Try it and you will see that you will not regret it.

The main benefits are the search for quick solutions, thanks to Coverity the security of our website has increased due to the fact that errors and vulnerabilities in the source code have diminished. Now our product is presented in a much more attractive way which has improved our business in a much bigger way than we thought. Now all our clients are totally pleased.

It is a quite simple software to use, it provides quite complete reports regarding the information of the problems found in the source code of my page. It is fast and authentic, the analysis is comprehensive, contributes in this way to find solutions quickly and easily to prevent future complications with the website.

The interface is a little charged, which has made using it difficult and complicated to understand. Sometimes it has happened that the analysis throws some erroneous information and it has had to be inspected manually, this delays and complicates the work.

Now the codings of the company will have a high quality thanks to this software, it is very useful because, anyone likes to be warned before any error occurs, and Coverity gives you that great possibility. You can find solutions to errors so that your codes will always be in good condition and your product will be free from unsafe faults.

Many goals have been achieved, in my company both partners and colleagues feel that now our product is offered with a high quality. Now our security is quite good, it has allowed us to be able to do in depth analysis to avoid any vulnerability or error in the code to prevent any failure before offering our product.

I like how easy it is to use and the great capacity of immediate analysis that this software provides with respect to the source code. It explains quickly the errors and defects that the code can contain.

There has been a small number of cases in which it gives a false alarm of error in the code, and complicates the work. Interface a bit complicated to use.

It is a very useful software that will help to keep away from your codes the defects and any vulnerability that may exist, in this way you will find faster solutions and all your codifications will be of the best quality.

It has benefited my work in the company because with this software it is now easier to find the defects and errors with their corresponding solutions to the source code, thus helping to make an exhaustive analysis before selling the product and implementing it. and quality to offer the best to our customers.

It is effective when it comes to finding defects, errors and security vulnerabilities in the source code. The analysis of the corresponding code is effective which allows to correct the errors quickly in order to find solutions, thus representing a great utility for my company.

In my opinion, the interface is a bit overloaded. It presents some faults when presenting the analysis of the codes and we had to redo the work of looking for defects because we found deficiency in the analysis of small errors.

It is really useful to maintain the quality when you want to have a large and long-term project in which the equipment has different encodings, with the great help of Coverity it is possible to achieve the codification of all of them before existing vulnerabilities to achieve a clean and smooth job any error.

Many things were achieved in my company, in which customers, colleagues and business partners are satisfied.

Security risks have been avoided

Ease of use of our product, also with a better quality

Prevention of sending a bad job, thanks to the fact that we found the code defects before offering it.

There are many things that I can describe that are extraordinary in this software, significantly represents an effective use.

- It works quickly,

- Perform a thorough and accurate analysis.

- It allows large scale to find quick solutions.

- Ease of understanding of reports with detailed information on any threat or vulnerability that has the source code of my website.

- Complete tools, work fluidly.

- Its use is extremely simple.

I feel that the interface is a little complicated to understand, it slows down the process and the analysis management. However I am attached to my opinion that despite all the software is complete and works perfectly.

It is without a doubt an incredible software, with a lot of power and extremely necessary to take preventive measures against any threat that the source code or the website in general may have, so there may be quick solutions.

If you are worried about any threat or inconvenience with your source code, you will find Coverity. It provides complete and accurate reports that will undoubtedly help find the best possible solutions. If that is what you need, I definitely recommend this magnificent tool.

The search for quick solutions to any threat, vulnerability or problem that the source code present has been achieved thanks to Coverity, and that is not much to say. The preventive reports and analyzes have helped us to correct any inconvenience. We managed to offer all customers a new website, renewed and with an excellent presence. They are great benefits.

It is a very profitable platform to locate errors that can make the source code of a project very bulnerable, showing in a very simple and organized way the report of errors and likewise be able to correct them through the different tools that this software has and have a good security In the code.

Sometimes bug reports show failures that are not entirely source code errors, making repairing the code a bit cumbersome since it could be a bug in this software. They should make the platform a little more interactive.

Recommended for any type of project either extensive or short codes, since having a good code defined without failures makes work less frustrating when it comes to applying your work.

Serious security flaws have been found due to the completeness of the codes, coverity makes the work easier to detect vulnerability.

Coverity is the best static code analyzer. It's actually a beast with so many functionalities. It's a must-have tool for all enterprises. I like the following features the most.

- Nice Graphical interface

- Plugins/integration with different code repositories/build frameworks.

- SSO / LDAP integration to login.

- Not very tough to learn the controls.

- Detailed information for each defect.

- Generation of detailed Coverity reports

- Ability to filter / control various issues / defects.

The entire coverity System is not a simple product. You need to spend some time to get used to their controls and all the functionalities. Sometimes, we see a lot of false negatives in the static code analysis. Even after marking some defects as invalid, we still see the same issues again and again.

The main use of Coverity is to do static code analysis. It helps to discover a lot of issues with the badly written code (buffer overflows, NULL de-reference, dangling pointer etc). This also helps to fix major security issues in the code which is very very important in the software development life cycle.

Excellent when it comes to long lines of code which is able to find fault in new software that is being created, it is fast and efficient when finding an error or security failure.

More suggestions on how to solve the security bug and sometimes fail to want to upload a project.

Recommended for new developers of any language that need to find a security flaw.

I corrected bugs from an android application and the tool found multiple bugs that made the application bulnerable.

It scrutinizes code with somewhat blind logic and address weak point of the code. It is good at identifying vulnerable points and helps toward future proof coding. Automatic backround run also make its integration into code flow seamless. Code analysis and suggestion is quite amazing and accurate so help the fix or improvement a lot.

By nature, it runs blind test to many degree so usage based limits are not well honored. It's like double edge of sword so it is its own strong point but at the same time somewhat stubburn point also. Review or coordinated work support is one of lacking capability. It just has tracking capability currently.

For longer term projects, across large group of teams with different coding level background, coverity can be a great tool to maintain quality and plug possible vulnerable coding practice through through check.

Robustness in code in general. Great help in achieving uniform coding quality across multiple team with diverse background.

The 2017 version of Coverity scans the latest of version of C++ and Javascript (ES6) better than the other SAST tools.

Coverity's licensing is based on the number of developers who work on a component that is scanned, rather than the number of developers who actually use the tool.

Business problems being solved by using Coverity are to uncover security vulnerabilities in code before code is released. We have caught security vulnerabilities before code has been released to the livesite.

Specific feedback broken down to the line of code where the opportunity for improvement has been found. Can easily track which issues have been addressed and what the resolution was, or that code is as expected or otherwise won't be updated and it will quit flagging that issue.

Adds overhead to the build, slowing them down a bit. I also understand that it is fairly expensive although I don't manage the budget so I just try to make good use of the results.

We also considered using Visual Studio Team System tools, NAnt and SonarQube.

Shipping code with fewer bugs. We also used it to evaluate changes from one compiler version to the next.

Coverity was able to find code defects that other products were unable to find.

It was incorporated in our build easily and support was great.

We hit a few defects when looking at our million+ lines of code project. Some were

not code defects but flagged as defects. Others we would like to pass certian

constructs without warning, but were unable.

We were able to increase reliability of our product which made our customers very happy.

Very good for embedded development and very effective in detecting hard-to-find bugs. Very low false positive rate.

Analysis Result dashboard can be more user friendly.

Useful for finding the corner cases and minute bugs

It supports wide variety of platforms and with number of different compilers.

It is very helpful in getting the errors fixed quickly and it gives the solutions

The user interface is pretty ugly in my opinion

Possible security risks

Security issues

Static dynamic code analysis

False positives are not detected properly with code analysis

Code reviews for early security bugs

The ability of separate bugs by types and different folders where the source code is located.

There are a lot of duplicated information, and fake bugs that depending of the compiler it seems to be an error or not.

Checking code syntax error and possible memory leaks.

The reports are easy to read and understand, helping you find and fix bugs quickly.

It can take a bit of work to set up suitably for a given project.

Automates the process of catching otherwise hard to detect bugs in software.

I like static and dynamic analysis of code..The root cause of each defect is clearly explained,

Certain times becomes slow,Easy to implement, challenging to get teams to adopt and use effectively

Yes I would like to recommend

making it easy to fix bugs

Its excellent features like dereferences of NULL pointers, buffer overruns, concurrency issues and many more

Nothing at all, I find the tool very useful for many coding problems

Production code is thoroughly analyzed before deployment.

It has caught some serious memory leak issues. It is good to have.

Many false positives and dead code detections have been frustrating.

Code quality and memory leak detections

The good technical service it offers, in less than 24h

The user experience is a bit confusing if you're new

Security issues we have everyday

The path detection and pointing exact location of defect

Longer compile time and some of the graphs shown

Code quality and automation of reducing defect density