Coalfire vs Veracode comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Coalfire
Average Rating: 0.0
Number of Reviews: 0
Ranking in other categories: Managed Security Services (68th)

Veracode
Average Rating: 8.2
Number of Reviews: 194
Ranking in other categories: Application Security Tools (2nd), Static Application Security Testing (SAST) (2nd), Container Security (4th), Software Composition Analysis (SCA) (2nd), Penetration Testing Services (3rd), Static Code Analysis (1st), Application Security Posture Management (ASPM) (2nd)
 

Featured Reviews

Evan Gertis - PeerSpot reviewer
Mar 18, 2024
Enables us to provide a certificate showing stakeholders and potential customers the proof that we take security seriously
My case is different from other individuals. I worked for a startup, so we had to find a way to capitalize on all the resources in Veracode. Larger organizations are not leveraging the built-in dashboard. That aspect is what people want to know about. They want to see how their money is being spent on security. The biggest problem with security is getting funding. None of these executives believe anything these users are saying until they can see the results. They want that dashboard report. In less than three weeks, a junior security engineer can learn to create a dashboard easily that will allow the organization to stay on top of the most important things. They need to show the stakeholders that we're doing something here. They'll get the certification and see the dashboards. You now have something that's actually worth $2,000. With these other ones, who knows what you'll get. It allows us to provide a certificate showing stakeholders and potential customers the proof that we take security seriously. Everyone says that they're on top of their security and have all these things in place. In a sales call, we can immediately respond to any questions about our security posture by pointing them to a link showing that your company was among the few companies that completed the full certification process. Veracode has four levels of certification, and we are at level three, I believe. To my knowledge, Veracode is the only real DevSecOps pipeline that captures every component of the software delivery cycle, from sandbox and staging to development and production. You need to go through those four phases and ensure the code is secure by the time it hits production. Veracode handles all those phases seamlessly and can be automated with Jenkins. Veracode is highly efficient at fixing flaws. A single person can go through and do a penetration test after collecting the data from Veracode.
Instead of telling developers where the issue is, they can show them in the code editor for the static analysis. They can assign tasks to the team using Jira, so developers almost never need to do that work. They actually almost never go back and fix any of these vulnerabilities. That's why I was my company's most hated and most loved man. I forced them to do it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pricing and Cost Advice

Coalfire: Information not available

Veracode:
"Veracode is expensive. But the solution is worth it."
"The Veracode price model is based on application profiles, which is how you package your components for scanning."
"It is expensive. It depends on the use case, but it is very hard to find a pricing page on their website. Instead, they need to analyze your use case, but without knowing the entire project and how you're going to be using Veracode, how many scans you're going to do, if yours is a small business, it is very expensive and it affects ROI."
"I found Veracode very expensive, though I'm not the person paying for it. I was surprised to find out how much the subscription costs and that the executive board approved it, but it was a no-brainer because now my company has better security scans."
"For our company, the price is reasonable for the benefits that we get."
"They have just streamlined the licensing and they have a number of flexible options available, so overall it is quite good, albeit pricey."
"Negotiate some, but their prices are reasonable."
"They just changed their pricing model two weeks ago. They went from a per-app license to a per-megabyte license. I know that the dynamic scan was $500 per app. Static analysis was about $4500 yearly. The license is only for the number of users, it doesn't matter what data you put in there. That was the old model. I do not know how the new model works."
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Coalfire
Financial Services Firm: 25%
Computer Software Company: 16%
Non Profit: 10%
Government: 8%

Veracode
Financial Services Firm: 18%
Computer Software Company: 15%
Manufacturing Company: 8%
Government: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
What do you like most about Veracode?
The SAST and DAST modules are great.
What is your experience regarding pricing and costs for Veracode?
The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
 

Comparisons

No data available
 

Also Known As

Coalfire: No data available
Veracode: Crashtest Security, Veracode Detect
 

Sample Customers

Coalfire: Axway
Veracode: Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Find out what your peers are saying about Secureworks, Check Point Software Technologies, Ace Cloud Hosting and others in Managed Security Services. Updated: June 2024.