IT Central Station is now PeerSpot: Here's why

Codebashing OverviewUNIXBusinessApplication

Codebashing is #2 ranked solution in top Application Security Training Software. PeerSpot users give Codebashing an average rating of 10 out of 10. Codebashing is most commonly compared to Veracode Security Labs: Codebashing vs Veracode Security Labs. Codebashing is popular among the large enterprise segment, accounting for 61% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 33% of all views.
Codebashing Buyer's Guide

Download the Codebashing Buyer's Guide including reviews and more. Updated: July 2022

What is Codebashing?

Codebashing's SaaS platform is built specifically to train, refresh and validate Software Developers and DevOps personnel on Application Security and Secure Coding principles; helping business to develop and maintain more secure software and applications. Codebashing achieves this through a purpose-built platform for developers that is time-efficient, game-like, and provides hands-on vulnerable applications to interact with… providing insight into how common vulnerabilities manifest within the application stack.

Codebashing Customers

Fitbit, Microsoft, Just Eat, NCC Group, National Bank of Abu Dhabi, Sky

Codebashing Video

Archived Codebashing Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
SiddharthSinghal - PeerSpot reviewer
Information Security Engineer at a tech vendor with 51-200 employees
Real User
Good knowledge base and easy to deploy, but it is only available for Windows
Pros and Cons
  • "The most valuable feature is the integration with WhiteSource, which allows for open-source scanning."
  • "This solution is available for Windows only and does not have a Linux distribution."

What is our primary use case?

We are a solution provider and this is one of the products that we are evaluating. We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.

What is most valuable?

The most valuable feature is the integration with WhiteSource, which allows for open-source scanning. It helps bring everything together in one solution. The knowledge base is good.

What needs improvement?

Codebashing should be available for everybody to use without having to obtain a license. This solution is available for Windows only and does not have a Linux distribution.

For how long have I used the solution?

We are currently conducting a PoC for different customers.
Buyer's Guide
Codebashing vs. Veracode Security Labs
July 2022
Find out what your peers are saying about Codebashing vs. Veracode Security Labs and other solutions. Updated: July 2022.
611,060 professionals have used our research since 2012.

How are customer service and support?

We have not yet needed to contact technical support.

How was the initial setup?

Everything was fine in terms of the initial setup.

What about the implementation team?

We have our own in-house team for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

This solution is not freeware and more expensive than similar products.

What other advice do I have?

I have tested several areas of Codebashing and have used some of the labs that they provide. The labs are useful because you can find examples of flags and known vulnerabilities. It is different from other products. I would rate this solution a six out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Sr. Application Security Manager at a tech services company with 201-500 employees
Real User
Top 20Leaderboard
Has lots of configuration options, good security and good flexibility
Pros and Cons
  • "There's a lot of flexibility and there are a lot of configuration options."
  • "The solution should make the configuration more simple. Sometimes the configuration is complex."

What is our primary use case?

We primarily use the solution as part of an integration with the CI pipeline.

What is most valuable?

The solution did the job properly for us. It's quite good.

The security software, especially in comparison to other competitor's offerings, is quite good.

There's a lot of flexibility and there are a lot of configuration options.

What needs improvement?

I can't recall any real issues we had using the solution in the past.

The solution should make the configuration more simple. Sometimes the configuration is complex.

In future releases, the solution should introduce incremental objects. 

I'd like to be able to check what the developers are doing on the fly.

For how long have I used the solution?

I've been working with the solution for about a year or maybe a bit more. The last time I worked with it was three months ago.

What do I think about the stability of the solution?

The stability of the solution is excellent. I'd rate it ten out of ten. It's very reliable.

What do I think about the scalability of the solution?

I don't know enough about the scalability potential to feel comfortable commenting on it.

How are customer service and technical support?

I've been in touch with technical support in the past. I'd rate them ten out of ten. They are very good. We've been satisfied with the level of support we've received.

How was the initial setup?

The initial setup, as I understand it, is not very easy. It takes some time. The integrations and the configurations end up taking a lot of time to get right.

Deployment times depend on the company and the environment. It could take anywhere from one to two weeks.

In general, a company needs a team of four or five people to support everything (including changing queries, etc.). There is an option to do it on the customer side or via the solution's support. It depends on the licensing a company chooses.

What about the implementation team?

Depending on the licensing chosen by the company, the deployment is either handled internally or by the solution's technical support team directly.

What was our ROI?

We've seen an ROI of about 30% after about one year.

What's my experience with pricing, setup cost, and licensing?

I'm unsure of the licensing costs for the solution. I believe their managed services have different costs.

What other advice do I have?

We are not a customer of the solution at my current organization. We are currently running a POC. However, in my previous position, I was a customer.

I'd rate the solution nine out of ten.

It's a hard solution for developers to just start using. It's not so easy to just jump into. It takes time.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Codebashing vs. Veracode Security Labs
July 2022
Find out what your peers are saying about Codebashing vs. Veracode Security Labs and other solutions. Updated: July 2022.
611,060 professionals have used our research since 2012.
CEO at a tech services company with 11-50 employees
Real User
Top 5Leaderboard
Easy to use with an interactive approach, but it should have more integration with other educational platforms
Pros and Cons
  • "This solution has an interactive approach that allows you to quickly receive basic knowledge about vulnerabilities and how they should be fixed."
  • "It would be helpful if the solution included tests or exams that would allow you to study, for example, all Java vulnerabilities, and then afterward test your knowledge."

What is our primary use case?

We are a service company, and we have a lot of projects for mobile app security. Our customers use JavaScript and Objective-C to code the backend of their systems, and our security experts use this solution to show our customers what needs to be fixed in their environment.

We use a classic cloud service, but from a vendor, so we have a private cloud deployment. In the future, we may switch to an on-premises solution.

What is most valuable?

This solution has an interactive approach that allows you to quickly receive basic knowledge about vulnerabilities and how they should be fixed. It is easy to understand how it works, and how things should be fixed. Everything is in one place.

This product will integrate well with a socket solution. When a vulnerability is detected, you can redirect to CodeBaching, which is very useful.

This solution is very comfortable for developers, even at the junior level.

What needs improvement?

We would like to be able to add our own lessons to the platform because right now we can't add our own information. It would be helpful to create a "lesson platform", for example. 

It would be helpful if the solution included tests or exams that would allow you to study, for example, all Java vulnerabilities, and then afterward test your knowledge. This is a typical functionality for learning platforms.

I would like to see more integration with other educational platforms. They have a good start because it integrates well with their own solutions.

For how long have I used the solution?

I have been using this solution for about eighteen months.

What do I think about the stability of the solution?

This is a stable solution. We have never had a situation where we could not connect to the vendor's cloud.

What do I think about the scalability of the solution?

We currently have three users, and they are experts in information security.

How are customer service and technical support?

We have not needed to contact technical support for this solution because everything is clear. We have dealt with the same vendor for other solutions and they have a very quick response. They also have Russian speakers available.

Which solution did I use previously and why did I switch?

Some of our customers used their own products before switching to Codebashing.

We just used documentation and materials from other languages, but it is not as comfortable. In Codebashing, you have one solution for all languages. Previously, we needed to find something for Java, and then something for C, then try to understand what might be a good description and come up with an example. We spent a lot of time on this process.

How was the initial setup?

The initial setup of this solution is very easy. Checkmarx has very good instructions and user manuals, so there are not many problems when it comes to installing and configuring their products.

What about the implementation team?

We deployed this solution with our in-house engineers. There is a lot of technical documentation on the Checkmarx Wikibase, and it's an open base. There are very good examples with screenshots and step-by-step instructions.

Which other solutions did I evaluate?

We did not evaluate other solutions before choosing this one.

What other advice do I have?

This is a solution that I recommend to people who have a Checkmarx socket implementation because it is good to have a platform with this training program included. Otherwise, it depends on the customer. If they have a lot of their own code development then training is needed. However, in some cases, where they have good experts with a lot of knowledge, then their own experts can teach the staff.

For companies that do not have information security experts available for training, then this is a very good platform to have because it has very clear and quick lessons. 

This product is good and it is reliable.

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.