Loading product reviews...
4.6 out of 5.0 (14 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on Synopsys but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 5 out of 5.0, Reviewed

    Product(s): Coverity

    An excellent product which is already paying for itself in improved code quality.

    Overall Comment

    Product integrated cleanly with all of our different development environments. Server was easy to setup. License management was relatively straightforward. LDAP integration works nicely which is important to us. Support was readily provided, and timely, when integrating with some unusual configurations.

    What one piece of advice would you give other prospective customers?

    Make good use of their support, it's excellent.

    What do you like most about the product or service?

    The product is excellent, and is already paying for itself. The after-sales support has been very good.

    What do you dislike most about the product?

    It does require a fairly grunty PC to run it locally - slows down compilation time substantially for C++. Not unreasonably considering the results.

    What one thing do you wish the vendor did differently?

    More licensing options would be nice. There used to be more, but they were simplified to only two models, which didn't fit our organisation terribly well. We worked it out in the end though.

    If you could start over, what would your organization do differently?

    I'd probably evaluate fewer competitors. Retrospectively it was obvious who the biggest players were in this sector.


  • 5 out of 5.0, Reviewed

    Product(s): Coverity

    easy integration into continous integration processes

    Overall Comment

    Excellent sales and technical consulting support teams

    What one piece of advice would you give other prospective customers?

    Pay attention to security requirements early in the development process.

    If you could start over, what would your organization do differently?

    Develop more standards prior to deployment


  • 5 out of 5.0, Reviewed

    Product(s): Coverity

    Implementation was easy, allowed flexibilty by individual development teams.

    Overall Comment

    Great support, included user training, and after-install review.

    What do you like most about the product or service?

    It does improve product quality and our users are very satisfied compared to the prior tools.

    What do you dislike most about the product?

    Costs and license management.

    What one thing do you wish the vendor did differently?

    License management, and license costs. We spend too much time worrying about freeing up licenses to ensure they are paying for themselves. Also need to manually disable licenses and compare to AD lists, adding more management tasks.

    Service & support - overall comment

    no comment.

    Integration & Deployment - Overall comment

    Integration does not work through firewalls and proxies. We would like to integrate with JIRA but the tool exist in different security zones.


  • 4 out of 5.0, Reviewed

    Product(s): Coverity

    Great tools

    Overall Comment

    Good support from both Vendor and Technical Good product Good documentation Great staff

    What one piece of advice would you give other prospective customers?

    Don't be afraid to dig deep in the potential of Coverity.

    What do you like most about the product or service?

    Flexible, eficient, great added value.

    What do you dislike most about the product?

    Lot of hidden features that are not obvious. Training material is lacking.

    What one thing do you wish the vendor did differently?

    The structure seems rigid and I have the feeling that selling is the bottom line. Even though the support is great, it feels like that supporting is not the priority.

    If you could start over, what would your organization do differently?

    Involvement of software engineer is important, so I would probably bring in more peoples to learn the tool.

    Service & support - overall comment

    Competent, fast, reliable.


  • 5 out of 5.0, Reviewed

    Product(s): Protecode

    Innovative technology to provide quick & easy application component analysis.

    Overall Comment

    We have been using Sysnopsys Codenomicon AppCheck (now called Protecode SC) as an early adopter. It's an innovative tool which provides a quick & straight-forward solution help us to address 3rd-party software vulnerabilties and license issue in software integration. it greatly improves the accuracy and agilty to cope with the complete product offerings at scale. AppCheck also provides learn ability to add vendor component.

    What do you like most about the product or service?

    technology

    Service & support - overall comment

    We're happy with service and support which Synopsys team provides.


  • 4 out of 5.0, Reviewed

    Product(s): Coverity

    "Best-in-class static code analysis tool with only high cost being the downside"

    Overall Comment

    Coverity is the best static souce code analysis tool on the market today for C/C++. They provide a very mature product

    What one piece of advice would you give other prospective customers?

    Negotiate the pricing model to be one that isn't based on lines of code or per-user.

    What do you like most about the product or service?

    The product functionality is world class. It is the best static code analysis tool on the market. It was relatively easy to setup and put into a Jenkins continuously delivery system that provides accurate results daily to our development team.

    What do you dislike most about the product?

    The licensing model is based on lines of code or per-developer. It should be more flexible to allow a per-use model. They should also add in more platforms like XCode 8 with clang. We are using a Windows only system due to that limitation.

    What one thing do you wish the vendor did differently?

    Change their licensing model so that it is more flexible based on usage not per developer on the team or the lines of code in the product. I wish they would also support XCode 8 and the clang compiler on the Mac OS X platform. We would also like to see a mobile offering that covers the Swift programming language.

    If you could start over, what would your organization do differently?

    Negotiate the cost of the overall solution to be lower. Their licensing model is either lines of code (which is not possible for products with as much source code as Adobe), or per-user which isn't the best either given that not all developers use the tool daily. I wish Coverity would provide an alternative licensing model that is bsaed on per-use instead.

    Service & support - overall comment

    Everytime Coverity releases a new version of their software Adobe Photoshop does need to work with their support to ensure it still compiles 100% of the codebase. The quality of their software is generally fantastic, but it could be better.


  • 5 out of 5.0, Reviewed

    Product(s): Coverity

    Expensive but technically excellent, substantially improves our software

    Overall Comment

    Synopsys provides a technically excellent product, then backs it up with effective and professional tech support. We can usually resolve any problems using internal resources, but when we reach out to tech support we usually have solutions within 24 hours. Synopsys has been very willing to work with us on suitable licensing terms and has a history of implementing our suggestions for improvements. Improvements in the product are significant from release to release.

    What one piece of advice would you give other prospective customers?

    Establish an in-house expert or two to help with project deployments. Integrate with Jenkins for rapid detection of issues.

    What do you like most about the product or service?

    Technical performance is excellent, with high-quality defect detection. False-positive rate is extremely low, which reinforces developer trust. New "developer intent" checkers like copy-paste provide great value. Tech support and field support are outstanding.

    What do you dislike most about the product?

    Coverity is a very expensive product. Technically, the access control configuration is very flexible but too complicated.

    If you could start over, what would your organization do differently?

    Initial deployment faltered until we put a small team of experts together to help with deployments across many projects. We should have done that sooner.

    Service & support - overall comment

    Tech support is very responsive and typically resolves issues within 24 hours. Field support, when needed, supplies highly experienced people who really have an impact.


  • 5 out of 5.0, Reviewed

    Product(s): Coverity, Seeker

    The Seeker implementation isn't straight forward, but it's a big challenge to do IAST well

    Overall Comment

    They always share the roadmap. I like the fact that they are always forward thinking and very engaging the customers, e.g. not only providing the happy path but also learning from customer insights. The vendor is very responsive and I think that this is important, especially when it comes to production environments. Additionally, I was surprised that even our account manager understands the technology and secure development lifecycle very well, as oppose to "regular" sales people in the market.

    What one piece of advice would you give other prospective customers?

    Bring your best hands-on engineer/architect to the POC, as it requires a deep understanding of the tested product.

    What do you like most about the product or service?

    Seeker - it's an amazing approach to reducing false positives and find REAL exploits in the system. Coverity - it tries to ease the build automation process by integrating with bug tracking systems and its user interface is simple.

    What do you dislike most about the product?

    Seeker - not straight forward installation Coverity - while it is integrated with most of the build systems, it isn't integrated with TFS. Additionally, it doesn't support PHP security testing (yet).

    What one thing do you wish the vendor did differently?

    Did I mention that my satisfaction rate is 5?

    If you could start over, what would your organization do differently?

    I'd expand the engagement of the engineering teams during the POC process.

    Service & support - overall comment

    Everything is done professionally and in a timely manner.


  • 4 out of 5.0, Reviewed

    Product(s): Coverity

    Not the top performer in some tasks, but definitely reliable & worthy investment

    Overall Comment

    Coverity brings opportunities for improvements in productivity and quality, helps to achieve business goals and standardizes management processes at reasonable costs. Its wide range of applications allows one-fit-all implementation and relieves the burden of change management while preserving spaces for future enhancements and functionalities. If pluggable checkers, better integrations with issue management systems and more complete analysis on new languages could become official, Coverity would be our sole choice for coming years to assure business objectives.

    What one piece of advice would you give other prospective customers?

    Change management should be planned ahead. Once Coverity is taken into consideration for mass deployment, you will recognize that sluggishness in an adoption of the new tool may wipe out its feasibilities.

    What do you like most about the product or service?

    Since we are doing out-sourcing, Its capability of supporting wide range of programming languagues and ease of management are the best things among all whistles and bells.

    What do you dislike most about the product?

    Checkers cannot be extended by incorporating other analysis tools and sometimes, analysis results on new languages are too basic.

    What one thing do you wish the vendor did differently?

    Trials could be distributed more freely, either with the limitation of time, user submissions or functionalities.

    If you could start over, what would your organization do differently?

    If there is another chance, Coverity is still among our first considerations. There are debates over functionalities versus pricing, but after all, you will value its ease of management & deployment - in our situation, a tool that fits 90% need of projects is better than 10% of perfection for several cases.

    Service & support - overall comment

    Except email integration problem, everything else works as expectation.


  • 5 out of 5.0, Reviewed

    Product(s): Coverity

    Implementation is complex, but well supported by the manufacturer.

    Overall Comment

    The overall experience is very good. Local sales staff, solid understanding of the industry, and proven capabilities. No bullshit in the sales phase, to the point and focused effort in the product itself.

    What one piece of advice would you give other prospective customers?

    Be aware of false positives. The existence of such makes service very hard to integrate into a functional SDL and makes it easier for the teams to reject the service.

    What do you like most about the product or service?

    Low the number of false positives. Good workflow, very agile support for implementation.

    What do you dislike most about the product?

    Massive complexity, but required for the complex task at hand. Would love tighter integrations with SDL by default.

    What one thing do you wish the vendor did differently?

    More automation, less manual tinkering.

    If you could start over, what would your organization do differently?

    More focus on the mature state of the service when implemented to ensure easy integration with operations when implemented.

    Service & support - overall comment

    Satisfied


Show More Reviews

Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(14)
4.1

Ability to understand your organization's needs

(14)
4.5

Timely and complete response to product questions

(14)
4.6

Pricing and contract flexibility (pricing and terms)

(12)
3.8
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(14)
4.3

How long did your deployment take?

0 - 3 months (<3)

3 - 6 months (<6)

6 - 9 months (<9)

9 - 12 months (<12)


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(5)
3.0

Ease of integration using standard APIs and tools

(13)
4.1

Quality and availability of end-user training

(13)
3.8

Ease of deployment

(14)
4.2
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(14)
4.6

Did you purchase a support package from the vendor?

Yes

No


Timeliness of vendor's response

(13)
4.6

Quality of technical support

(13)
4.6

Quality of peer user community

(9)
3.4
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(14)
4.6

Dynamic AST as a Tool

(2)
4.0

Dynamic AST as a Service

(1)
5.0

Static AST as a Tool

(9)
4.8

Static AST as a Service

(2)
5.0

Interactive AST

(3)
4.3

Mobile AST

(1)
4.0

Enterprise-Class AST

(7)
4.1

Stand-Alone AST

(7)
4.0

WAF/EMM Integration or RASP

(3)
3.7
1 2 3 4 5
Section
1

Additional Context

What was the nature of your involvement?

Rollout and Install

Technical Assessment

Maintenance and Support

Application Lead

Development/Integration

Functional Assessment

User Training

Vendor/Product Selection

Vendor Management

Executive Sponsor

Other...


What other vendors were considered?

Checkmarx

Veracode

IBM

Hewlett Packard Enterprise

Synopsys

GrammaTech

Qualys

WhiteHat Security

Contrast Security

PortSwigger

Rapid7

The Open Web Application Security Project (OWASP)

Virtual Forge

Other...


Why did you purchase this product?

Create internal/operational efficiencies

Improve compliance & risk management

Improve business process outcomes

Improve business process agility

Reduce time to market

Cost management

Drive revenue growth

Improve customer relations/service

Drive innovation

Enhance decision making

Improve supplier or partner relations

Other...


What were the key factors that drove your decision?

Product functionality and performance

Product roadmap and future vision

Strong services expertise

Functional breadth

Breadth of services

Strong consulting partnership

Pre-existing relationships

Financial/organizational viability

Overall cost

Strong customer focus

Strong user community

Other...


In which region(s) did your deployment take place? Multiple responses allowed.

North America

Asia/Pacific

Europe, Middle East and Africa