Cisco SecureX [EOL] vs Veracode comparison

Cisco and Veracode are both solutions in the Application Security Tools category. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 89% of Veracode users who would recommend it.

Cisco SecureX [EOL]

Read 13 Cisco SecureX [EOL] reviews

100% willing to recommend

Veracode

Read 208 Veracode reviews

23,090 Views
12,930 Comparison Views

89% willing to recommend

Cisco SecureX [EOL]

Veracode

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco SecureX [EOL] and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Application Security Tools.

To learn more, read our detailed Application Security Tools Report (Updated: May 2026).

Buyer's Guide

Application Security Tools

May 2026

Download the complete report

Helped 894,998 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco SecureX [EOL]

Average Rating

9.0

Reviews Sentiment

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Veracode

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

208

Ranking in other categories

Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Container Security (10th), Software Composition Analysis (SCA) (2nd), Static Code Analysis (1st), Dynamic Application Security Testing (DAST) (1st), Application Security Posture Management (ASPM) (1st)

Featured Reviews

Alon K

CTO & VP of Cyber Solutions, Israel at Rockwell Automation

Gives our customers visibility and they don't have to go multiple management consoles anymore

One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.

Read full review

SrikanthRaghavan

Principal Architect at a consultancy with 11-50 employees

Early detection of vulnerabilities saves significant amount of time and effort

Veracode provides visibility into application status at every phase of development, as it's how we stitch it together, allowing us to introduce it at various phases to gain fast feedback. This capability increases the velocity in DevSecOps processes as developers receive feedback on vulnerabilities before committing, reducing the overall rework. It helps developers save time significantly. For instance, if I take a library and assume it's going to work until it reaches QA or UAT, where we find out there's a vulnerability, that can require extensive effort for code refactoring or redesigning; Veracode helps prevent that before the pull request is merged. Veracode impacts the overall security posture by maintaining data integrity, ensuring we are not exposed to threats from third-party libraries with known vulnerabilities. From my perspective as a SecDevOps evangelist, Veracode is crucial for an organization's shift-left security strategy. Veracode's SCA perspective offers tools that facilitate shift-left security by providing feedback before failures occur in the development process.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Using SecureX, we can aggregate the data from all our security products, automate many of our tasks that we had to do manually before, save a huge amount of time, and provide many reports about usage of our systems and networks to our leaders and managers to show what we can do to make our security better."

"When it comes as a business bundle, we come to customers to provide a one-stop shop, and we provide a return of value on human resources, with an XDR SecureX platform offer that customers love."

"We've reduced our workload by 20 to 30 percent just from being able to focus on the important things, as this product really does a lot of the grunt work for you."

"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."

"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."

"This solution definitely helps us meet our cyber security goals and we haven't had any problems so far."

"If management wants to ingest reports at a high level from all of the different products, they would only need one login to SecureX to view this information as opposed to separate logins for each of the integrated products."

"SecureX has been keeping our devices safe during the pandemic and we haven't had any major threats that have come in or that have been found on our devices."

More Cisco SecureX [EOL] pros

"The source composition analysis had very good reporting."

"The best feature is definitely the detailed reports. It provides code-related queries in the order of high, medium, and low depending on what we need to do. Veracode is user-friendly as well."

"Veracode provides guidance for fixing vulnerabilities. It enables developers to write secure code from the start by pointing them to the problematic line of code, and saying, "This function/method has security vulnerabilities," then suggests alternatives to fix it. Then, we adopt their suggestions of the tool. By implementing it in the right way, we can fix the issue. For example, if the tool has found a method where it copied one piece of memory into another piece of memory in the code. The tool points to problematic methods with the vulnerability and provides ways to code it more securely. By adopting their suggestions, we are fixing this vulnerability."

"It allows us to prove our security levels to vendors, and additionally helps us with our HIPAA security policies."

"The most valuable feature is the static scan that checks for security issues."

"The pricing is worth it."

"It gives feedback to developers on the effectiveness of their secure coding practices."

"We use Veracode static analysis during development to eliminate vulnerability issues"

More Veracode pros

Cons

"The automation and orchestration could be simpler."

"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."

"what's missing right now is the multi-tenant capability."

"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."

"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help."

"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."

"They could put in more third-party integrations, but also more playbooks out-of-the-box for automation would be helpful."

"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."

More Cisco SecureX [EOL] cons

"The static scans on Java lack microservices architecture scanning. We have developed an in-house pattern for this and the scans can't take care of it as a single entity."

"A high number of false positives are reported and this should be reduced."

"There were many issues when we were uploading code. The size restrictions that you enforce, the way the results are presented, and the difficulty in finding details for C and C++ all forced us to move off of it."

"The user interface can sometimes be a little challenging to work with, and they seem to be changing their algorithm on what is an issue. I understand why they do it, but it sometimes causes more work on our end."

"The static analysis is prone to a lot of false positives. But that's how it is with most static analysis tools... Also, the static analysis can sometimes take a little while. The time that it takes to do a scan should be improved."

"The interface is one thing I find a little challenging. Veracode's interface feels a little outdated compared to other solutions, and it could be modernized. I'm mostly happy with the features, but Vercaode could add Docker image scanning."

"The only notable problem we have had is that when new versions of Swift have come out, we have found Veracode tends to be a bit behind in updates to support the new language changes."

"The scanning is a little slow, but other than that it's fine. It's usually when the binaries get up into the multi-hundred megabyte size."

More Veracode cons

Pricing and Cost Advice

"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."

"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."

"It is free. It can't get any better than that."

"It comes free with all Cisco products. So, it is a good price."

"The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."

"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."

"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."

"For the value you get, the pricing of the solution is excellent."

More Cisco SecureX [EOL] pricing and cost advice

"There is a fee to scale up the solution which I consider expensive."

"It's very expensive, especially when you are a very small organization. If you're using Veracode at an individual level, for example, you're a developer or you run agents, the pricing might not affect you, but if you're using it at a company level to troubleshoot security issues, the pricing is not quite favorable. It may affect ROI."

"Regarding licensing, pay very close attention to what applications you're going to need to do dynamic scanning for, versus static. Right now, the way the licensing is set up, if you don't have any static elements for a website, you can certainly avoid some costs by doing more dynamic licenses. You need to pay very close attention to that, because if you find out later that you have static code elements - like Java scripts, etc. - that you want to have scanned statically, having the two licenses bundled together will actually save you money."

"Veracode's price is reasonable."

"It's worth the value"

"The pricing is pretty high."

"For enterprises, Veracode has done a fairly good job, but its pricing is not suitable for startups. The microservice distributed architecture for a startup is very small. I had to do a lot of discussions on the pricing initially. I previously worked in an enterprise organization where I used Veracode, and that's how I got to know about Veracode, but that was a big organization with more than a thousand employees. So, the cost is very different for them because the size of the application is different. Its pricing makes sense there, but when we try to onboard this solution for the startup ecosystem, pricing is not friendly. Because I knew the product and I knew its value, I onboarded it, but I don't think any other startup at our scale will onboard it."

"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."

More Veracode pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

894,998 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Construction Company

11%

Marketing Services Firm

10%

Computer Software Company

10%

Outsourcing Company

Financial Services Firm

16%

Manufacturing Company

11%

Computer Software Company

11%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	7
Large Enterprise	3

By reviewers
Company Size	Count
Small Business	69
Midsize Enterprise	45
Large Enterprise	115

Questions from the Community

Ask a question

Earn 20 points

Which gives you more for your money - SonarQube or Veracode?

SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...

See all answers

What is your experience regarding pricing and costs for Veracode Static Analysis?

My experience with pricing, setup cost, and licensing for Veracode is that it is fairly moderate.

See all answers

What needs improvement with Veracode Static Analysis?

Veracode can improve to stand in this market. They do not have to do much; they just need to improve their UI experience and add more documentation within the application rather than just creating ...

See all answers

Comparisons

ERPScan SMART Cybersecurity Platform vs Cisco SecureX [EOL]

Compared 7% of the time

IBM Guardium Vulnerability Assessment vs Cisco SecureX [EOL]

Compared 7% of the time

Cortex XDR by Palo Alto Networks vs Cisco SecureX [EOL]

Compared 7% of the time

Quotium Seeker vs Cisco SecureX [EOL]

Compared 6% of the time

Cisco Secure Network Analytics vs Cisco SecureX [EOL]

Compared 6% of the time

More Cisco SecureX [EOL] Competitors

SonarQube vs Veracode

Compared 7% of the time

Checkmarx One vs Veracode

Compared 6% of the time

HCL AppScan vs Veracode

Compared 3% of the time

GitHub Advanced Security vs Veracode

Compared 3% of the time

OWASP Zap vs Veracode

Compared 3% of the time

More Veracode Competitors

Product Reports

Buyer's Guide

Cisco SecureX [EOL]

May 2026

Download Cisco SecureX [EOL] product report

Buyer's Guide

Veracode

April 2026

Download Veracode product report

Also Known As

Kenna.AppSec, Kenna.VI

Crashtest Security , Veracode Detect

Overview

Cisco SecureX is an integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure to create a consistent experience. The solution unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. Cisco SecureX is embedded within every Cisco Security product and supports integrations with SIEM and SOAR, so customers will not need to replace any solution or worry about layering on new technology.

Cisco SecureX Features

Cisco SecureX has many valuable key features. Some of the most useful ones include:

Unified overview: Cisco SecureX offers key metrics on transactions and threats for network, endpoints, cloud and applications. In addition, the SecureX interface is integrated into all Cisco Security technologies.

Automation and an increase in operational efficiency: With Cisco SecureX, you gain better automation of workflows for products of the Cisco Security portfolio and third parties, allowing you to focus on other more important tasks. By eliminating manual work (through automatic identification of threats using analytical data of Cisco Talos and other sources), the solution helps your organization save a significant amount of time.

Security strengthening: Cisco SecureX makes it easy to compare analytical data from a set of various sources with the telemetry received from network, endpoints, e-mail, cloud, and third-party products.

Cisco SecureX Benefits

Some of the benefits of using Cisco SecureX include:

Secure every business endeavor with an open, integrated platform that has out-of-the-box interoperability and scales to meet security needs.

Advance your security maturity level using existing resources.

Turn security from a blocker into an enabler. Cisco SecureX allows you to add new security capabilities for the threat landscape.

Maximize your operational efficiency, helping you get the most from your security investments.

Reviews from Real Users

Below are some reviews and helpful feedback written by Cisco SecureX users.

PeerSpot user Wouter H., Technical Team Lead Network & Security at Missing Piece BV, shares several reasons why he thinks the solution is fantastic. In his opinion, “SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together. If an email is received on a machine and malware is being executed, it can be put into lockdown mode. The fact that you can have a single solution that combines endpoint intelligence with email intelligence, firewalls, and publicly available intelligence is really helpful. Also, SecureX provides us with contextual awareness throughout our security ecosystem. Before SecureX, things that were not possible, or that would take days, now literally take seconds to find out.

Michal S., Infrastructure Engineer at a media company, says, “SecureX provides many measurements and has a really good dashboard. Working with it you are able to see things very clearly and you have every detail on a single display. That saves us money and time.” He also adds, “It brings all our data into a central point. It also shows us many data connections between many of our environments. SecureX gives you really good information about potential risks. You are able to find the source of a risk, a potential risk from a user or a machine.”

Blair A., Technology Director at Shawnee Heights USD #450, explains, "One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."

Cisco

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
Scalability - Supports organizations with large-scale application portfolios.
Compliance support - Ensures applications meet various security standards and regulations.
Developer training - Provides tools for educating developers on secure coding practices.
Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.

Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode

Sample Customers

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.

Buyer's Guide

Application Security Tools

May 2026

Download Free Report

Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Application Security Tools. Updated: May 2026.

DOWNLOAD NOW

894,998 professionals have used our research since 2012.

See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.