We performed a comparison between ERPScan SMART Cybersecurity Platform and Veracode based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The core scanning, the scanning process, has got a very nice pass management module. It's fantastic."
"Considering that in my project, we are mostly using Software Composition Analysis as a part of Static Code Analysis, for me, the main part is reporting and highlighting necessary vulnerabilities. Veracode platform has a rather good database of different vulnerabilities in different libraries and different sources. So, finding vulnerabilities in third-party libraries is the main feature of Software Composition Analysis that we use. It is the most important feature for us."
"The solution is a specialist in SAST that you can rely on. Code scanning is fast with current, updated algorithms."
"The solution is stable. we've never had any issues surrounding its stability."
"We have such a wide variety of users for Veracode, including security champions, development leads, developers themselves, that the ease of use is really quite important, because we don't assume anything about what those people might already know, or need to know. It just makes it very useful for anyone who has to engage with it."
"The SAST and DAST modules are great."
"One thing that I like about Veracode is that it is quite a good tool for dynamic application testing."
"We have to look at it from the perspectives of how important it is to fix something and when it should be prioritized for fixing. The JSON output from the agent-based scans gives us the CVS core, and that makes things much easier."
"Code scanning is the most valuable feature."
"The anomaly detection could be improved."
"It could be improved with support for more programming languages, like SQL."
"We tried to create an automatic scanning process for Veracode and integrate it into our billing process, but it was easier to adopt it to repositories based on GIT. Until now, our source control repository was Azure DevOps Server (Microsoft TFS) to managing our resources. This was not something that they supported. It took us some sessions together before we successfully implemented it."
"Veracode can be improved in terms of software composition analysis and related vulnerabilities."
"The feature that allows me to read which mitigation answer was submitted, and to approve it, requires me to use do so in different screens. That makes it a little bit more complicated because I have to read and then I have to go back and make sure it falls under the same number ID number. That part is a little bit complicated from my perspective, because that's what I use the most."
"The static analysis is prone to a lot of false positives. But that's how it is with most static analysis tools... Also, the static analysis can sometimes take a little while. The time that it takes to do a scan should be improved."
"In the future, I would like to see the RASP capability built-in."
"From what we have seen of Veracode's SCA offering, it is just average."
"Searching for applications in Veracode is a little bit difficult. We have to minimize the length of an application's name to 47 characters. It would be good if this limit could be increased so that an application's name can be properly reflected in Veracode."
ERPScan SMART Cybersecurity Platform is ranked 55th in Application Security Tools while Veracode is ranked 2nd in Application Security Tools with 194 reviews. ERPScan SMART Cybersecurity Platform is rated 0.0, while Veracode is rated 8.2. The top reviewer of ERPScan SMART Cybersecurity Platform writes "Good core scanning, a helpful GDPR assessment template and very good technical support". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". ERPScan SMART Cybersecurity Platform is most compared with Onapsis, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.