Coverity Reviews & Product Details

Coverity Overview

What is Coverity?

Coverity static analysis by Synopsys helps development and security teams find and fix defects and security flaws in code as it’s being written. Coverity is highly accurate, supports thousands of developers, and quickly analyzes large projects exceeding 100 million lines of code, helping your teams build secure, high-quality software faster.

Seller Details
Seller: Synopsys
Ownership: NASDAQ:SNPS
Year Founded: 1986
HQ Location: Mountain View, CA
Total Revenue (USD mm): $3,360
Twitter: @synopsys (18,124 Twitter followers)
LinkedIn® Page: www.linkedin.com (14,937 employees on LinkedIn®)
Description: Synopsys helps customers innovate from Silicon to Software, so they can deliver Smart, Secure Everything



Coverity Reviews

Showing 39 Coverity reviews
Graduate Software Engineer
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Finds many bugs and memory leaks, nice groups features. Review collected by and hosted on G2.com.

What do you dislike?

Cluttered UI, tough to navigate through it.

Recommendations to others considering the product:

I would recommend it, as apart from the slightly unintuitive UI, it is a nice tool. However, it is a bit old, so ensure you have looked on the market to check if there is anything better out there. My main advice will be to target the tools towards your needs regarding the languages you use, but it is always better to pick a flexible tool that covers many languages, so that in the future you can expand your language base, whilst staying on top of any security issues.

What problems are you solving with the product? What benefits have you realized?

Finding bugs and memory leaks in a variety of languages. Its API for Java is also an easy one to use and is well-documented. I really like that once these are assigned to you, you get reminders via email (it can be nicely integrated with Outlook), so that you don't forget. The detailed information on the issues and how they are represented graphically are also amongst its benefits.

Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

I like that Coverity Scan is free for open-source projects. In fact, I have not used the tool for production reasons, but rather for study/education/research purposes. In fact, we carried out a benchmarking of Static Analysis Security Testing tools for research purposes from the perspective of a tool to be able to produce alerts meaningful for software developers. And I can say that Coverity demonstrated itself as a very good tool.

What do you dislike?

There is nothing particular about Coverity that I dislike. Maybe only that there is no free version for educational reasons.

What problems are you solving with the product? What benefits have you realized?

I use Coverity Scan to scan my Open Source projects. Also, I used the results available for other projects to understand how secure these projects are and use them for research purposes.

Technical Lead
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

The best part is the UI.

Very detailed code review considering every parameter to look code efficient and safe.

Fast and easy to use.

What do you dislike?

Installation and configuration require expertise in deployment of application.

Recommendations to others considering the product:

Nothing for now.

What problems are you solving with the product? What benefits have you realized?

Hello, I am Amit Shelke and have used this tool for more than 4 years at Symantec Corp. I have also used other competitor products such as Crucible, Phabricator and CodeScene, but Coverity provides the best results when it comes to code review. On one of the sites it is mentioned that "Coverity Static Code Analysis does not offer a free trial". Why should they do it? It's such a product you can buy fearlessly and be assured that it works fantastically.

Agile Architect
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Being able to cluster the Coverity server was very helpful. We had 3 development centers around the world, and with clustering we were able to lessen the impact on the remote developers as well as consolidate the issue ids. This allowed us to have centralized reporting regarding the status of projects.

What do you dislike?

One of my initial dislikes was the lack of MISRA coverage, but as our usage went along Coverity added the MISRA checking that could be analyzed.

What problems are you solving with the product? What benefits have you realized?

The initial addition of memory leak type bugs and are not possible to find with a standard compiler. Memory leak escapes have been reduced. Memory leak escapes that were created prior to Coverity usage have been found.

Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

I worked for the company so I may be biased. That said, the customers who used it were happy with how well it worked, the depth of the analysis, and how few false positives were given.

What do you dislike?

This is compiler-level analysis so for 50 million lines of code it takes time. The results are worth it.

Recommendations to others considering the product:

Try it on a sample to understand the accuracy of the analysis.

What problems are you solving with the product? What benefits have you realized?

On average, for 1 million lines of code it would identify 200 actual defects. True positives.

The Linux kernel was analyzed as proof of dependability. There you can see the defects found and fixed.

UT
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Coverity Scan is used for static code analysis of Open Source projects. It can analyze C, C++ and Java code.

Coverity’s static code analysis doesn’t run the code. Instead of that it uses abstract interpretation to gain information about the code’s control flow and data flow. It’s able to follow all possible code paths that a program may take. For example the analyzer understands that malloc() returns a memory that must be freed with free() later. It follows all branches and function calls to see if all possible combinations free the memory. The analyzer is able to detect all sorts of issues like resource leaks (memory, file descriptors), NULL dereferencing, use after free, unchecked return values, dead code, buffer overflows, integer overflows, uninitialized variables, and many more

What do you dislike?

Sometimes it may not be accurate. There might be false positives

What problems are you solving with the product? What benefits have you realized?

Buffer Overflow, unreferenced null, resource leak

Software Engineer
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Organised way of keeping Defect records and quite thorough coverage of Code defects like memory leakage, unused variable, etc...

Good for CI/CD implementation.

Best for very large amount of Code and reduces manual power consumption majorly

What do you dislike?

Not much coverage for Typescript and JavaScript.

Its manual can be enhanced by adding more practical commands and real-time images

Recommendations to others considering the product:

Try it out, if you find any obstruction Coverity Support system is very active and thrilled to help always

What problems are you solving with the product? What benefits have you realized?

Not much informative manual.

Difficult to find commands for Typescript and how to confirm if it is working fine or how to check its reliability

IC
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

I was there pretty early and the people were great - made some of my best friendships - Also, it was a new tech and way of helping coders

What do you dislike?

As the company grew, new management came in and the culture changed from what we knew. It wasn't "bad", but it was different. Most people complain about changing culture so nothing shocking to report :)

Recommendations to others considering the product:

Just run your code through and see the high-level results. Pretty amazing what you will find

What problems are you solving with the product? What benefits have you realized?

Solving efficiencies in coding and hidden vulnerabilities in millions of lines of code. Great part about it is Coverity could be run and show the customer in 24 hours where there were red-flags to review

UT
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

The way the coverity generates the report for various issues like "possible leak", "variable going out of scope", this helps in fixing the issues which developers would have introduced due to quick fixes in the code.

What do you dislike?

Some of issues which are reported by coverity will be false positive, the tool can be improved in those areas and I also would like coverity to add support for run time code analysis.

Recommendations to others considering the product:

I would recommend considering its results

What problems are you solving with the product? What benefits have you realized?

Possible memory leak, variable going out of scope. These errors reported by coverity help in re-looking the code and help us to rethink and re-design the code in a better way so that production issues will be minimized.

Principal Software Engineer
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Coverity comes packed with loads of features for static code analysis.

What do you dislike?

Not compatible with all of the programming languages.

What problems are you solving with the product? What benefits have you realized?

Mainly Coverity has helped us a lot in finding the loopholes which could have led any attacker to breach into the web application.

AC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

That it supports languages like C/C++ which most of the commercial tools don't support

What do you dislike?

What I didn't like was tracing down the issues in source code file. Also, the user interface can be better.

What problems are you solving with the product? What benefits have you realized?

I used Coverity to scan source code written in C language which either many other tools don't support or not that effective. Coverity does a good job there.

UC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Passive code scanning

Quick turnaround

Cost-effective bug fixes

Helps to implement security as a process in day-to-day activities

What do you dislike?

Speed in bug scanning

False alarms

Custom rules implementation

Cloud integration

Recommendations to others considering the product:

Cost and quality delta improvements

What problems are you solving with the product? What benefits have you realized?

Critical security flaws

Implement company-wide security controls

UO
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Identifying memory leaks, null dereference

What do you dislike?

Coverity setup takes very long. Usability needs to be improved.

What problems are you solving with the product? What benefits have you realized?

Defects and vulnerabilities like memory leaks, dereference of null pointers, use of uninitialised data can be found out using coverity tool.

UC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

The scan results are presented in detail and concise.

What do you dislike?

The configuration is confusing and sometimes misleading.

What problems are you solving with the product? What benefits have you realized?

For coverity and misra compliance on firmware which has been implemented for the past over ten years. Accumulated huge amount of violations.

AC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: G2 Gives Campaign
What do you like best?

Its detection, its UI and its ability to kick out nice reports

What do you dislike?

It did miss a few minor things when we compared against other scanners

Recommendations to others considering the product:

Use Jenkins to scan the code both the raw code and also at compile time when it's pulling in all the libraries and dependencies. Whenever a MR is submitted to Gitlab, it triggers a Jenkins job which will scan the raw code. Whenever a Jenkins build is tagged as release candidate, Coverity gets pulled in after everything is downloaded and built/compiled/etc.

What problems are you solving with the product? What benefits have you realized?

It picked up all the big ones and it picked up a lot more stuff overall than the other scanners. The stuff it picked up was legitimate also, not a lot of false positives/alerts, useless noise that didn't warrant attention. We did a comprehensive analysis against multiple security scanners and spent 2 days comparing the scanning results of 4 different scanners against 4 different git repositories, aligning all the detections next to each other to see how they matched up, and in the end, Coverity won.

UA
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Algorithms, dashboard and scan time

What do you dislike?

No readme documents, tips should be attached with failure

What problems are you solving with the product? What benefits have you realized?

Static code, the quality of my code

Information Technology Specialist
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

It is a software with a very large utility. It is quite complete, meets all the features and functions promised from the beginning. It allows finding solutions to errors or problems in the source code quickly and safely.

What do you dislike?

The interface makes the software use a little complicated, which is a bit annoying. In general, the software works excellently, without any inconvenience, all the reports so far are completely complete and detailed.

Recommendations to others considering the product:

Coverity is an indispensable tool for the website. It is fast and efficient, until now it has never failed us. It is really a useful and sustainable tool. I recommend that you try it and so you can receive all the great benefits.

What problems are you solving with the product? What benefits have you realized?

Coverity and its great functions has provided protection and immediate security to our website. Now with quick and detailed reports we can identify any error or vulnerability in the source code and thus, amend our error and find quick and immediate solutions. The website thanks to this is more protected from any errors, customers have noticed the difference, because we feel completely satisfied, with this great benefit that Coverity has brought to our work.

Information Technology Specialist
Computer Software
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

There are many things that I can describe that are extraordinary in this software, significantly represents an effective use.

- It works quickly,

- Perform a thorough and accurate analysis.

- It allows large scale to find quick solutions.

- Ease of understanding of reports with detailed information on any threat or vulnerability that has the source code of my website.

- Complete tools, work fluidly.

- Its use is extremely simple.

What do you dislike?

I feel that the interface is a little complicated to understand, it slows down the process and the analysis management. However I am attached to my opinion that despite all the software is complete and works perfectly.

Recommendations to others considering the product:

It is without a doubt an incredible software, with a lot of power and extremely necessary to take preventive measures against any threat that the source code or the website in general may have, so there may be quick solutions.

If you are worried about any threat or inconvenience with your source code, you will find Coverity. It provides complete and accurate reports that will undoubtedly help find the best possible solutions. If that is what you need, I definitely recommend this magnificent tool.

What problems are you solving with the product? What benefits have you realized?

The search for quick solutions to any threat, vulnerability or problem that the source code present has been achieved thanks to Coverity, and that is not much to say. The preventive reports and analyzes have helped us to correct any inconvenience. We managed to offer all customers a new website, renewed and with an excellent presence. They are great benefits.

Area Manager
Environmental Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It is a very profitable platform to locate errors that can make the source code of a project very vulnerable, showing in a very simple and organized way the report of errors and likewise be able to correct them through the different tools that this software has and have a good security in the code.

What do you dislike?

Sometimes bug reports show failures that are not entirely source code errors, making repairing the code a bit cumbersome since it could be a bug in this software. They should make the platform a little more interactive.

Recommendations to others considering the product:

Recommended for any type of project either extensive or short codes, since having a good code defined without failures makes work less frustrating when it comes to applying your work.

What problems are you solving with the product? What benefits have you realized?

Serious security flaws have been found due to the completeness of the codes, coverity makes the work easier to detect vulnerability.

Executive Director
Restaurants
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

What I like about this software is:

- Simple to use, it is not at all complicated to learn to use it.

- Quite complete, the features they have are practical and work very well.

- Provides reports of the complete information of the vulnerabilities and inconveniences that the source code of the page presents.

- Quick function.

- Deep analysis

- Help find systematic solutions.

What do you dislike?

What I do not like is that the interface is a bit complex, in my opinion, what bothers me a little and interferes with my work as it makes the use of software more difficult. However until now all the reports have been very complete and accurate, I can not complain about how great it has worked so far.

Recommendations to others considering the product:

I recommend that you apply this software to your page and consult the complete reports that it provides, it offers the immediate results and details in an effective way all the problems that the source code may have. This allows you to find quick solutions that are beneficial to your company. Try it and you will see that you will not regret it.

What problems are you solving with the product? What benefits have you realized?

The main benefits are the search for quick solutions, thanks to Coverity the security of our website has increased due to the fact that errors and vulnerabilities in the source code have diminished. Now our product is presented in a much more attractive way which has improved our business in a much bigger way than we thought. Now all our clients are totally pleased.

Information Technology Manager
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

It is a quite simple software to use, it provides quite complete reports regarding the information of the problems found in the source code of my page. It is fast and authentic, the analysis is comprehensive, contributes in this way to find solutions quickly and easily to prevent future complications with the website.

What do you dislike?

The interface is a little charged, which has made using it difficult and complicated to understand. Sometimes it has happened that the analysis throws some erroneous information and it has had to be inspected manually, this delays and complicates the work.

Recommendations to others considering the product:

Now the codings of the company will have a high quality thanks to this software, it is very useful because, anyone likes to be warned before any error occurs, and Coverity gives you that great possibility. You can find solutions to errors so that your codes will always be in good condition and your product will be free from unsafe faults.

What problems are you solving with the product? What benefits have you realized?

Many goals have been achieved, in my company both partners and colleagues feel that now our product is offered with a high quality. Now our security is quite good, it has allowed us to be able to do in depth analysis to avoid any vulnerability or error in the code to prevent any failure before offering our product.

Senior Vice President Marketing
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

I like how easy it is to use and the great capacity of immediate analysis that this software provides with respect to the source code. It explains quickly the errors and defects that the code can contain.

What do you dislike?

There has been a small number of cases in which it gives a false alarm of error in the code, and complicates the work. Interface a bit complicated to use.

Recommendations to others considering the product:

It is a very useful software that will help to keep away from your codes the defects and any vulnerability that may exist, in this way you will find faster solutions and all your codifications will be of the best quality.

What problems are you solving with the product? What benefits have you realized?

It has benefited my work in the company because with this software it is now easier to find the defects and errors with their corresponding solutions to the source code, thus helping to make an exhaustive analysis before selling the product and implementing it. and quality to offer the best to our customers.

Manager Marketing
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

It is effective when it comes to finding defects, errors and security vulnerabilities in the source code. The analysis of the corresponding code is effective which allows to correct the errors quickly in order to find solutions, thus representing a great utility for my company.

What do you dislike?

In my opinion, the interface is a bit overloaded. It presents some faults when presenting the analysis of the codes and we had to redo the work of looking for defects because we found deficiency in the analysis of small errors.

Recommendations to others considering the product:

It is really useful to maintain the quality when you want to have a large and long-term project in which the equipment has different encodings, with the great help of Coverity it is possible to achieve the codification of all of them before existing vulnerabilities to achieve a clean and smooth job any error.

What problems are you solving with the product? What benefits have you realized?

Many things were achieved in my company, in which customers, colleagues and business partners are satisfied.

Security risks have been avoided

Ease of use of our product, also with a better quality

Prevention of sending a bad job, thanks to the fact that we found the code defects before offering it.

UC
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Coverity is the best static code analyzer. It's actually a beast with so many functionalities. It's a must-have tool for all enterprises. I like the following features the most.

- Nice Graphical interface

- Plugins/integration with different code repositories/build frameworks.

- SSO / LDAP integration to login.

- Not very tough to learn the controls.

- Detailed information for each defect.

- Generation of detailed Coverity reports

- Ability to filter / control various issues / defects.

What do you dislike?

The entire coverity System is not a simple product. You need to spend some time to get used to their controls and all the functionalities. Sometimes, we see a lot of false negatives in the static code analysis. Even after marking some defects as invalid, we still see the same issues again and again.

What problems are you solving with the product? What benefits have you realized?

The main use of Coverity is to do static code analysis. It helps to discover a lot of issues with the badly written code (buffer overflows, NULL de-reference, dangling pointer etc). This also helps to fix major security issues in the code which is very very important in the software development life cycle.

Director
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Excellent when it comes to long lines of code which is able to find fault in new software that is being created, it is fast and efficient when finding an error or security failure.

What do you dislike?

More suggestions on how to solve the security bug and sometimes fail to want to upload a project.

Recommendations to others considering the product:

Recommended for new developers of any language that need to find a security flaw.

What problems are you solving with the product? What benefits have you realized?

I corrected bugs from an Android application and the tool found multiple bugs that made the application vulnerable.
