No more typing reviews! Try our Samantha, our new voice AI agent.

FlexNet Code Insight vs Veracode comparison

Revenera and Veracode are both solutions in the Software Composition Analysis (SCA) category. Revenera is ranked #20, while Veracode is ranked #2 with an average rating of 7.6. Revenera holds a 1.3% mindshare in SCA, compared to Veracode’s 5.9% mindshare. Additionally, 89% of Veracode users are willing to recommend the solution.
FlexNet Code Insight
Read 1 FlexNet Code Insight review
  • 683 Views
  • 683 Comparison Views
0% willing to recommend
Veracode
Read 208 Veracode reviews
  • 23,090 Views
  • 5,542 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between FlexNet Code Insight and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about Black Duck, Veracode, Snyk and others in Software Composition Analysis (SCA).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Software Composition Analysis (SCA) Report (Updated: April 2026).
Buyer's Guide
Software Composition Analysis (SCA)
April 2026
Download the complete report
Helped 894,668 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FlexNet Code Insight
Ranking in Software Composition Analysis (SCA)
20th
Average Rating
4.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Veracode
Ranking in Software Composition Analysis (SCA)
2nd
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
208
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Container Security (10th), Static Code Analysis (1st), Dynamic Application Security Testing (DAST) (1st), Application Security Posture Management (ASPM) (1st)
 

Mindshare comparison

As of May 2026, in the Software Composition Analysis (SCA) category, the mindshare of FlexNet Code Insight is 1.3%, up from 0.7% compared to the previous year. The mindshare of Veracode is 5.9%, down from 9.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA) Mindshare Distribution
ProductMindshare (%)
Veracode5.9%
FlexNet Code Insight1.3%
Other92.8%
Software Composition Analysis (SCA)
 

Featured Reviews

it_user1061121 - PeerSpot reviewer
it_user1061121
Works
A decent web interface for reports, but the snippet style code matching requires too much effort
Due to the "snippet match" nature of the scans, we found that it was too much effort to properly validate and catalog each open source component with every new project/product. Incremental results were also difficult to achieve even after consulting with the vendor. We found there were too many false positives and the code-snippet validator had bugs and presented too many false positives. My experience with this tool has turned me away from "snippet"-focused composition analysis. We have switched to one that uses more complete code signatures that do not require validation and review of findings in most cases.
Read full review
reviewer2703864 - PeerSpot reviewer
reviewer2703864
Head of Security Architecture at a healthcare company with 5,001-10,000 employees
Onboarding developers successfully while improving code security through IDE integration
Regarding room for improvement, we have some problems when onboarding new projects because the build process has to be done in a certain way, as Veracode analyzes the binaries and not the code by itself alone. If the process is not configured correctly, it doesn't work. That's one of the things that we are discussing with Veracode. Something positive that we've been able to do is submit formal feature requests to them, and they are working on them; they've already solved some of them. This encourages us to propose new ideas and improvements. Another improvement that we asked for this use case is to be able to configure how Veracode Fix proposes and fixes because sometimes it makes proposals using libraries that go against our architecture design made by the enterprise architecture team. For example, we want them to propose using another library, and that's something we already asked Veracode, and they are working on it. We want to specify when you see this kind of vulnerability, you can only propose these two options.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It had a web interface into the reporting tools that was decent, and open source components could be reported per project and/or aggregated similar to other software composition tools."
"It had a web interface into the reporting tools that was decent, and open source components could be reported per project and/or aggregated similar to other software composition tools."
"The solution provides the capability for the application teams to track remediation and the handling of identified vulnerabilities."
"It gives us more confidence in the application security of the products we scan."
"It helps me to detect vulnerabilities."
"Our customers have benefited by being able to have a little bit more assurance from us, from a trusted authority, that our code is properly flaw-free and remediated."
"It has the ability to scale, and the fact that it doesn't produce a lot of false positives."
"In our business, we have applications written in so many different languages, and finding something that can consistently scan and not generate false positives across the paradigm or the whole ecosystem of languages is impressive."
"The valuable features are the static analysis and the dynamic analysis."
"I like Veracode's static analysis. It was one of the core development tools when I worked with a telecommunication company where we were delivering new features for various applications and purposes each week, such as CRM, data channels, compliance, traffic data, etc."
More Veracode pros
 

Cons

"I found the user interface cumbersome and difficult to use."
"My experience with this tool has turned me away from "snippet"-focused composition analysis."
"The scanning could be improved, because some scans take a bit of time."
"We tried to create an automatic scanning process for Veracode and integrate it into our billing process, but it was easier to adopt it to repositories based on GIT. Until now, our source control repository was Azure DevOps Server (Microsoft TFS) to managing our resources. This was not something that they supported. It took us some sessions together before we successfully implemented it."
"Mitigation review isn't always super easy."
"It takes a while to get a response to the software composition analysis. It is within an acceptable range but it could still be improved."
"The training lab is not very user-friendly and takes a long time to set up."
"The usability isn't good in Veracode. Sometimes, it will show a problem, but it's difficult to go into their tool and figure out where it is. You primarily use a web browser to access their system. It requires a lot of clicks. The static analysis is a separate part of their system from the SCA, so that's a bit difficult. They haven't fully integrated that. It's difficult for the consumer."
"Its cost and the long scanning times for large applications are the areas for improvement."
"When Veracode updates the pool of tests and security checks, it could be a little more transparent about what it is releasing. It's not clear what it's adding. They do thousands of checks, and when they add more, there aren't many details about what the new tests are doing."
More Veracode cons
 

Pricing and Cost Advice

Information not available
"To my knowledge, licensing for Veracode Static Analysis is paid yearly by my company."
"The price of Veracode Static Analysis is expensive. There is an annual fee to use the solution and the company is upfront with the pricing model and fees."
"I found Veracode very expensive, though I'm not the person paying for it. I was surprised to find out how much the subscription costs and that the executive board approved it, but it was a no-brainer because now my company has better security scans."
"For our company, the price is reasonable for the benefits that we get."
"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
"The cost of scanning code is cheaper. It's typically $0.50 per line of code. However, it's expensive to run a high-level process that would normally require a human security expert. For example, penetration testing costs about $1,000 per application for penetration testing. The cost of these features may be too high for smaller organizations. On the other hand, Veracode's interactive application security testing is fast and cheaper compared to other software."
"For enterprises, Veracode has done a fairly good job, but its pricing is not suitable for startups. The microservice distributed architecture for a startup is very small. I had to do a lot of discussions on the pricing initially. I previously worked in an enterprise organization where I used Veracode, and that's how I got to know about Veracode, but that was a big organization with more than a thousand employees. So, the cost is very different for them because the size of the application is different. Its pricing makes sense there, but when we try to onboard this solution for the startup ecosystem, pricing is not friendly. Because I knew the product and I knew its value, I onboarded it, but I don't think any other startup at our scale will onboard it."
"Aside from the standard licensing fees, we also have to pay for a competent Success Manager."
More Veracode pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
See recommendations
894,668 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
16%
Computer Software Company
11%
Manufacturing Company
11%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business69
Midsize Enterprise45
Large Enterprise115
 

Questions from the Community

Ask a question
Earn 20 points
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
See all answers
What is your experience regarding pricing and costs for Veracode Static Analysis?
My experience with pricing, setup cost, and licensing for Veracode is that it is fairly moderate.
See all answers
What needs improvement with Veracode Static Analysis?
Veracode can improve to stand in this market. They do not have to do much; they just need to improve their UI experience and add more documentation within the application rather than just creating ...
See all answers
 

Comparisons

Black Duck SCA vs FlexNet Code Insight Logo
Black Duck SCA vs FlexNet Code Insight
Compared 47% of the time
Mend.io vs FlexNet Code Insight Logo
Mend.io vs FlexNet Code Insight
Compared 34% of the time
FOSSA vs FlexNet Code Insight Logo
FOSSA vs FlexNet Code Insight
Compared 13% of the time
More FlexNet Code Insight Competitors
SonarQube vs Veracode Logo
SonarQube vs Veracode
Compared 7% of the time
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
Compared 6% of the time
HCL AppScan vs Veracode Logo
HCL AppScan vs Veracode
Compared 3% of the time
GitHub Advanced Security vs Veracode Logo
GitHub Advanced Security vs Veracode
Compared 3% of the time
OWASP Zap vs Veracode Logo
OWASP Zap vs Veracode
Compared 3% of the time
More Veracode Competitors
 

Product Reports

Buyer's Guide
Software Composition Analysis (SCA)
April 2026
FlexNet Code Insight reportDownload FlexNet Code Insight product report
Buyer's Guide
Veracode
April 2026
Veracode reportDownload Veracode product report
 

Also Known As

No data available
Crashtest Security , Veracode Detect
 

Overview

FlexNet Code Insight is a powerful tool for managing open-source software usage, providing automated scans and compliance tracking to ensure legal obligations and software quality are maintained efficiently.

FlexNet Code Insight offers a comprehensive solution for software composition analysis, enabling businesses to identify and mitigate risks associated with open-source software. It integrates seamlessly into existing workflows, allowing for automated scanning and compliance auditing. With detailed insights into code dependencies and vulnerabilities, it supports compliance with open-source licenses and improves overall software governance.

What features make FlexNet Code Insight stand out?
  • Automated Scanning: Efficiently identifies open-source components and their associated risks.
  • License Compliance: Monitors and enforces adherence to open-source licenses.
  • Vulnerability Alerts: Provides timely notifications about known vulnerabilities.
  • Comprehensive Reporting: Generates detailed reports for informed decision making.
  • Integration Capability: Easily integrates with development tools and CI/CD pipelines.
What benefits should users look for when reviewing FlexNet Code Insight?
  • Enhanced Security: Streamlines vulnerability management to protect against security threats.
  • Risk Mitigation: Identifies license compliance issues to reduce legal risks.
  • Cost Efficiency: Saves time and resources through automated compliance checks.
  • Improved Governance: Offers better oversight of open-source software use.
  • Regulatory Compliance: Assists in meeting regulatory requirements effectively.

FlexNet Code Insight finds applications in industries like finance, healthcare, and technology, where managing open-source software is critical. It helps these sectors maintain compliance and security standards by providing an essential toolkit for overseeing software composition and ensuring all software components are up-to-date and safe for use.

Revenera

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

  • Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
  • Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
  • Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
  • Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
  • Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

  • Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
  • Scalability - Supports organizations with large-scale application portfolios.
  • Compliance support - Ensures applications meet various security standards and regulations.
  • Developer training - Provides tools for educating developers on secure coding practices.
  • Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.


Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode
 

Sample Customers

Information Not Available
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Buyer's Guide
Software Composition Analysis (SCA)
April 2026
Download Free Report
Find out what your peers are saying about Black Duck, Veracode, Snyk and others in Software Composition Analysis (SCA). Updated: April 2026.
DOWNLOAD NOW
894,668 professionals have used our research since 2012.
See our list of best Software Composition Analysis (SCA) vendors.

We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.