ReSharper vs. Coverity Static Analysis (SAST)

ReSharper is the best all-in-one tool for Visual Studio that I have encountered. It contains many features not found in Visual Studio Enterprise, and those features already in Visual Studio provide much better implementations. I would recommend this to all developers, with the only people who will find it a detriment are developers running older, slower machines (due to ReSharper's resource requirements).

Incentivized

Best suits for large scale and dynamic development environment. It may be best tool if you want to release your apps with less TAT. However if you have a CRM tool which is COTS product it can offer little help. Even then you should be familiar with what features of Coverity Static Analysis (SAST) are helpful for your development environment

Incentivized

• Shortcuts are awesome. Navigation through the code gets really easy.
• I use it every day: go to the last modified position, go to the next error, find usages. All refactoring shortcuts!
• Color identifiers let me identify variables from constants, methods, properties, and types. I use this feature and I can not live without it.
• Move code by scope is handy.
• Adding missing references automatically.

Incentivized

• It can provide security scanning dashboard
• Help detect vulnerabilities and recommend remediation
• Integration of devsecops helps speed up release cycles

Incentivized

• Sometimes it gives suggestion that are not suitable for code that you wrote

• Coverage of integration with other security tools can be improved
• Customisation of dashboard to enable customer choice of tracking
• Showcase devsecops progressive tasks from SLA and violation from code scanner perspective

Incentivized

ReSharper is very familiar if you already know Visual Studio. JetBrains does have an excellent IDE (Rider); however, since ReSharper is an extension to Visual Studio, you only need to learn what their tools add, not a whole new way of working. I have found the extension's interface to be straightforward, although perhaps due to the massive range of features, navigating the menus is a little time-consuming until your muscle memory kicks in. Maybe a feature search tool would help make usability a 10 out of 10?

Incentivized

ReSharper does what it does very well because it operates inside the IDE you are already using. It provides advanced features that function far above and beyond what Visual Studio Professional offers and does not require you to learn another IDE like JetBrain's excellent IDE Rider. My only wish is that ReSharper had a Visual Studio Code plugin!

Incentivized

Coverity Static Analysis (SAST) has wide coverage in terms of Owasp Top 10 vulnerabilities, various types of languages, backward integration. While other tools offer similar experience of code scanning, coverity helps in pointed recommendations for quick closure of vulnerabilities. The historical analysis of vulnerabilities is a good value add in understanding which type of code and which language is better in improving cyber security maturity.

Incentivized

• ReSharper is our go-to tool for file formatting. All of our code process must be formatted correctly, and ReSharper makes that an easy to access keyboard shortcut.

Incentivized

• Helped reduce efforts of development team avoiding rework
• Increased security maturity
• Increased efficiency of the teams

Incentivized