FlexNet Code Insight vs Veracode Comparison 2024

FlexNet Code Insight

Veracode

FlexNet Code Insight

Read 1 FlexNet Code Insight review

335 views|266 comparisons

Veracode

Read 194 Veracode reviews

6,768 views|4,518 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Software Composition Analysis (SCA)

April 2024

Executive Summary

We performed a comparison between FlexNet Code Insight and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about Synopsys, Snyk, Veracode and others in Software Composition Analysis (SCA).

To learn more, read our detailed Software Composition Analysis (SCA) Report (Updated: April 2024).

Download the complete report

768,857 professionals have used our research since 2012.

Featured Review

Anonymous User

Works

A decent web interface for reports, but the snippet style code matching requires too much effort

After about a year, we never really institutionalized the reports and review data coming from Flexera due to a number of issues. Some of those... Read more →

Deepak Naik

Chief Security Officer at Digite

It's a solution our customers trust, so when we share the report they know we've done our due diligence

The main benefit of Veracode is that we can deliver better, more secure software. Our customers also trust Veracode. When we share the Veracode... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"It had a web interface into the reporting tools that was decent, and open source components could be reported per project and/or aggregated similar to other software composition tools."

More FlexNet Code Insight Pros →

"I can have quick results by just uploading compiled components.""The reporting being highly accurate is pretty cool. I use another product and I was always looking for answers as to what line, which part of the code, was wrong, and what to do about it. Veracode seems to have a solid database to look things up and a website to look things up.""The dependency graph visualization provides the ability to see nested dependencies within libraries for pinpointing vulnerabilities.""The solution is stable. we've never had any issues surrounding its stability.""We have such a wide variety of users for Veracode, including security champions, development leads, developers themselves, that the ease of use is really quite important, because we don't assume anything about what those people might already know, or need to know. It just makes it very useful for anyone who has to engage with it.""For our rapid, secure DevOps cycle, we have integration of the Vericode API into our build tool, and Greenlight into our IDE.""It helps me to detect vulnerabilities.""Their dashboard is really good, overall. In my opinion, it's one of the best in the market, and I say that because we have used other service providers."

More Veracode Pros →

Cons

"I found the user interface cumbersome and difficult to use."

More FlexNet Code Insight Cons →

"While Veracode is way ahead of its competitors on Gartner Magic Quadrant, it's a bit more expensive than Fortify. It's a good solution for the cost, but if we had a high budget, we would go with Checkmarx, which is much better than Veracode.""Veracode is costly, and there is potential for improvement in its pricing.""I think for us the biggest improvement would be to have an indicator when there's something wrong with a scan.""Reporting. Some of the reporting features of Veracode do need improvement. They do not have the most robust access to data. That would be a bit more beneficial to a lot of our clients as well as our actual in-house staff. I've been talking to our program management at Veracode about that, and that is actually on their radar to have that improved, I think actually this year.""The reports on offer are too verbose.""I would like to see more technical support for some of the connectors, some more detailed diagrams or run-books on how to install some of stuff; more hand-holding in the sense of understanding our environment.""The scanning on the UI portion of our applications is straightforward, but folks were having challenges with scans that involved microservices. They had to rope in an expert to have it sorted.""One of the things that we have from a reporting point of view, is that we would love to see a graphical report. If you look through a report for something that has come back from Veracode, it takes a whole lot of time to just go through all the pages of the code to figure out exactly what it says. We know certain areas don’t have the greatest security features but those are usually minor and we don’t want to see those types of notifications."

More Veracode Cons →

Pricing and Cost Advice

Information Not Available

"Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."

"The pricing is pretty high."

"The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."

"I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."

"It's worth the value"

"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."

"It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."

"The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

More Veracode Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.

See Recommendations

768,857 professionals have used our research since 2012.

Questions from the Community

Ask a question

Earn 20 points

Which gives you more for your money - SonarQube or Veracode?

Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »

Read all 6 answers →

What do you like most about Veracode?

Top Answer:The SAST and DAST modules are great.

Read all 96 answers →

What is your experience regarding pricing and costs for Veracode?

Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.

Read all 66 answers →

Ranking

17th

out of 40 in Software Composition Analysis (SCA)

Views

335

Comparisons

266

Reviews

Average Words per Review

Rating

N/A

3rd

out of 40 in Software Composition Analysis (SCA)

Views

6,768

Comparisons

4,518

Reviews

Average Words per Review

970

Rating

8.1

Comparisons

Black Duck vs. FlexNet Code Insight

Compared 75% of the time.

Mend.io vs. FlexNet Code Insight

Compared 25% of the time.

More FlexNet Code Insight Competitors →

SonarQube vs. Veracode

Compared 27% of the time.

Checkmarx One vs. Veracode

Compared 14% of the time.

Snyk vs. Veracode

Compared 6% of the time.

Fortify on Demand vs. Veracode

Compared 6% of the time.

OWASP Zap vs. Veracode

Compared 4% of the time.

More Veracode Competitors →

Also Known As

Crashtest Security , Veracode Detect

Learn More

Revenera

Video Not Available

Veracode

Overview

FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk, while you build your products and during their lifecycle. Manage open source license compliance. And add automation to your processes and implement a formal OSS strategy and policy that balances business benefits and risk management.

Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.

Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.

Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.

Here are some of the benefits of using Veracode:

Veracode provides capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing to help organizations identify and fix security vulnerabilities in their software applications early in the development process.
Veracode helps organizations reduce the risk of data breaches and other security incidents by identifying and fixing security vulnerabilities in their software application.
Veracode helps organizations to comply with industry regulations. Many industries have regulations that require organizations to implement security measures to protect their customers' data. Veracode's solution can help organizations to comply with these regulations by providing them with the tools and resources they need to identify and fix security vulnerabilities in their software applications.

Sample Customers

Information Not Available

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.

Top Industries

VISITORS READING REVIEWS

Computer Software Company24%

Manufacturing Company18%

Real Estate/Law Firm13%

Financial Services Firm11%

REVIEWERS

Computer Software Company26%

Financial Services Firm23%

Insurance Company9%

Comms Service Provider6%

VISITORS READING REVIEWS

Financial Services Firm18%

Computer Software Company15%

Manufacturing Company8%

Government6%

Company Size

VISITORS READING REVIEWS

Small Business14%

Midsize Enterprise26%

Large Enterprise59%

REVIEWERS

Small Business31%

Midsize Enterprise20%

Large Enterprise49%

VISITORS READING REVIEWS

Small Business17%

Midsize Enterprise13%

Large Enterprise70%

FlexNet Code Insight vs Veracode comparison

FlexNet Code Insight

Veracode