• Home
  • ExtraHop Reveal(x) 360 vs. Veracode

ExtraHop Reveal(x) 360 vs Veracode comparison

Cancel
You must select at least 2 products to compare!
ExtraHop Networks Logo
ExtraHop Reveal(x) 360
Read 3 ExtraHop Reveal(x) 360 reviews
47 views|32 comparisons
100% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
2,774 views|1,880 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
ExtraHop Reveal(x) 360 vs. Veracode
March 2024
Executive Summary

We performed a comparison between ExtraHop Reveal(x) 360 and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ExtraHop Reveal(x) 360 vs. Veracode Report (Updated: March 2024).
Download the complete report
769,976 professionals have used our research since 2012.
Featured Review
Maksym Toporkov
A competitive choice for network detection and response with exceptional user interface, ease of implementation and...
We only used it on PoV. But we have already easily identified the places that need attention. So we can say that the product starts bringing... Read more →
Deepak Naik
It's a solution our customers trust, so when we share the report they know we've done our due diligence
The main benefit of Veracode is that we can deliver better, more secure software. Our customers also trust Veracode. When we share the Veracode... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management.""It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand.""It is scalable."

More ExtraHop Reveal(x) 360 Pros →

"The most valuable feature is the static scan that checks for security issues.""You can easily integrate it with Azure DevOps. This is an added value because we work with Azure DevOps. Veracode is natively supported and we don't have to work with APIs.""The capability to identify vulnerable code is the most valuable feature of Veracode.""The most valuable feature is the efficiency of the tool in finding vulnerabilities.""For our rapid, secure DevOps cycle, we have integration of the Vericode API into our build tool, and Greenlight into our IDE.""The source composition analysis component is great because it gives our developers some comfort in using new libraries.""Provides the capability to track remediation and the handling of identified vulnerabilities.""The solution's ability to prevent vulnerable code from going into production is perfectly fine. It delivers, at least for the reports that we have been checking on Java and JavaScript. It has reported things that were helpful."

More Veracode Pros →

Cons
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers.""A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations.""There needs to be more support."

More ExtraHop Reveal(x) 360 Cons →

"The scanning is a little slow, but other than that it's fine. It's usually when the binaries get up into the multi-hundred megabyte size.""There needs to be better API integration to the development team's pipeline, which is something that is missing and needs to be improved.""Veracode Static Analysis can improve the false positive. There are always improvements that can be done to the false positive rate. There are some things that get flagged that are not an issue. However, it is not a huge concern.""To be able to upload source codes without being compiled. That’s one feature that drives us to see other sources.""I do expect large applications with millions of lines of code to take a while, but it would be nice if there was a possibility to be able to have a baseline initial scan. I know that Veracode touts that there are Pipeline Scans that are supposed to take 90 seconds or less, and we've tried to do that ourselves with our ERP application. However, it actually times out after two hours of scanning. If the static scan itself or another option to run a lower tier scan can be integrated earlier on into our SDLC, it would be great. Right now, it takes so long that we usually leave it till a bit later in the cycle, whereas if it ran faster, we could push it to the time when a developer will be checking in code. That would make us feel a lot more confident that we'd be able to catch things almost instantaneously.""We have approximately 900 people using the solution. The solution is scalable, but there is a high cost attached to it.""When it comes to the speed of the pipeline scan, one of the things we have found with Veracode is that it's very fast with Java-based applications but a bit slow with C/C++ based applications. So we have implemented the pipeline scan only for Java-based applications not for the C/C++ applications.""The overall reporting structure is complicated, and it's difficult to understand the report."

More Veracode Cons →

Pricing and Cost Advice
  • "When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."

    • More ExtraHop Reveal(x) 360 Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    769,976 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about ExtraHop Reveal(x) 360?
    Top Answer:It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for… more »
    Read all 3 answers   →
    What needs improvement with ExtraHop Reveal(x) 360?
    Top Answer:The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights, there's a limitation in investigating payloads directly. ExtraHop provides an… more »
    Read all 3 answers   →
    What advice do you have for others considering ExtraHop Reveal(x) 360?
    Top Answer:I recommend prioritizing demos over POCs when engaging with vendors. Organizing POCs involves significant time and resource investments for both parties. Instead, invest time in multiple demo… more »
    Read all 3 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    26th
    out of 60 in Container Security
    Views
    47
    Comparisons
    32
    Reviews
    2
    Average Words per Review
    593
    Rating
    8.5
    4th
    out of 60 in Container Security
    Views
    2,774
    Comparisons
    1,880
    Reviews
    101
    Average Words per Review
    976
    Rating
    8.1
    Comparisons
    Also Known As
    ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
    Crashtest Security , Veracode Detect
    Learn More
    ExtraHop Networks
    Video Not Available
    Veracode
    Overview

    Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

    Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.

    Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.

    Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.

    Here are some of the benefits of using Veracode:

    • Veracode provides capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing to help organizations identify and fix security vulnerabilities in their software applications early in the development process.
    • Veracode helps organizations reduce the risk of data breaches and other security incidents by identifying and fixing security vulnerabilities in their software application. 
    • Veracode helps organizations to comply with industry regulations. Many industries have regulations that require organizations to implement security measures to protect their customers' data. Veracode's solution can help organizations to comply with these regulations by providing them with the tools and resources they need to identify and fix security vulnerabilities in their software applications.
    Sample Customers
    Wizards of the Coast
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm12%
    University9%
    Computer Software Company8%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    Buyer's Guide
    ExtraHop Reveal(x) 360 vs. Veracode
    March 2024
    Free Report: ExtraHop Reveal(x) 360 vs. Veracode
    Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. Veracode and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    769,976 professionals have used our research since 2012.

    ExtraHop Reveal(x) 360 is ranked 26th in Container Security with 3 reviews while Veracode is ranked 4th in Container Security with 194 reviews. ExtraHop Reveal(x) 360 is rated 8.6, while Veracode is rated 8.2. The top reviewer of ExtraHop Reveal(x) 360 writes "A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". ExtraHop Reveal(x) 360 is most compared with ExtraHop Reveal(x), Forescout Platform and Corelight, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap. See our ExtraHop Reveal(x) 360 vs. Veracode report.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.