FOSSA vs. Coverity Static Analysis (SAST)

Overview
FOSSA
  • Rating: Score 2.0 out of 10
  • Most Used By: N/A
  • Product Summary: FOSSA is a software composition analysis tool that continuously scans for open-source components and tracks dependencies and license compliance.
  • Starting Price: N/A
Synopsys Coverity
  • Rating: Score 8.3 out of 10
  • Most Used By: N/A
  • Product Summary: Synopsys offers the Coverity static application security testing (SAST) solution, to help users build software that’s more secure, higher-quality, and compliant with standards.
  • Starting Price: N/A
Pricing
Editions & Modules
  • FOSSA: No answers on this topic
  • Coverity Static Analysis (SAST): No answers on this topic
Pricing Offerings
Free Trial
  • FOSSA: No
  • Synopsys Coverity: No
Free/Freemium Version
  • FOSSA: No
  • Synopsys Coverity: No
Premium Consulting/Integration Services
  • FOSSA: No
  • Synopsys Coverity: Yes
Entry-level Setup Fee
  • FOSSA: No setup fee
  • Synopsys Coverity: Optional
Additional Details
  • Synopsys Coverity: Contact the Synopsys Software Integrity Group (SIG) Sales team at https://www.synopsys.com/software-integrity/contact-sales.html for more detailed pricing information.
Best Alternatives
Small Businesses
  • FOSSA: No answers on this topic
  • Coverity Static Analysis (SAST): GitLab, Score 8.7 out of 10
Medium-sized Companies
  • FOSSA: Veracode, Score 9.1 out of 10
  • Coverity Static Analysis (SAST): Veracode, Score 9.1 out of 10
Enterprises
  • FOSSA: Veracode, Score 9.1 out of 10
  • Coverity Static Analysis (SAST): Veracode, Score 9.1 out of 10
User Ratings
Likelihood to Recommend
  • FOSSA: 5.0 (1 rating)
  • Coverity Static Analysis (SAST): 9.0 (1 rating)
Support Rating
  • FOSSA: 10.0 (1 rating)
  • Coverity Static Analysis (SAST): - (0 ratings)
User Testimonials
FOSSA / Coverity Static Analysis (SAST)
Likelihood to Recommend
FOSSA
The only issue we have had is sometimes the web app is too slow, and that causes issues with us wanting to continue to use FOSSA over going with another tool. That is the only problem. I noticed it happened more recently, but if that is solved now or will be solved, I would 100% recommend this tool to anyone!
Synopsys
Best suited for large-scale and dynamic development environments. It may be the best tool if you want to release your apps with less TAT. However, if you have a CRM tool which is a COTS product, it can offer little help. Even then, you should be familiar with what features of Coverity Static Analysis (SAST) are helpful for your development environment.
Pros
FOSSA
  • Setup of tool.
  • Speed of scans.
  • Automated emails with reports.
Synopsys
  • It can provide a security scanning dashboard
  • Helps detect vulnerabilities and recommend remediation
  • Integration of DevSecOps helps speed up release cycles
Cons
FOSSA
  • Interface for loading results can be slow, this is the #1 issue we have faced.
  • Speed of scans could be improved.
Synopsys
  • Coverage of integration with other security tools can be improved
  • Customisation of dashboard to enable customer choice of tracking
  • Showcase DevSecOps progressive tasks from SLA and violation from code scanner perspective
Support Rating
FOSSA
Never needed support but the chat and help seem forefront of the app!
Synopsys
No answers on this topic
Alternatives Considered
FOSSA
BlackDuck and Snyk
Synopsys
Coverity Static Analysis (SAST) has wide coverage in terms of OWASP Top 10 vulnerabilities, various types of languages, backward integration. While other tools offer a similar experience of code scanning, Coverity helps in pointed recommendations for quick closure of vulnerabilities. The historical analysis of vulnerabilities is a good value add in understanding which type of code and which language is better in improving cyber security maturity.
Return on Investment
FOSSA
  • Hard to measure the ROI, but no doubt having licenses be above board is fantastic for protection of your software.
  • Caused developers to make more informed decisions.
Synopsys
  • Helped reduce efforts of development team avoiding rework
  • Increased security maturity
  • Increased efficiency of the teams
ScreenShots

Synopsys Coverity Screenshots

Screenshot of Coverity works with the Code Sight™ IDE plugin, enabling developers to find and fix security and quality defects as they write code.
Screenshot of Coverity provides broad security and quality checker support for 21 languages and over 70 frameworks.