We performed a comparison between Fortinet Penetration Testing Service and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Penetration Testing Services solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The platform is stable."
"We didn't use customer service often, but my opinion is that they are really good."
"The most valuable features are that you can do static analysis and dynamic analysis on a scheduled basis and that you can push the findings into JIRA."
"The feature I like most in Veracode is that it clearly specifies the line in the entire file where a vulnerability is found."
"Veracode's most valuable aspect is continuous integration. It helps us integrate with other applications so that it can monitor the security process."
"I like Veracode's API. You can put it into a simple bash script and run your own security testing from your MacBook in less than 15 minutes."
"Scanning of .war and .jar is key for us."
"It does software composition analysis, discovering open source software weaknesses."
"It has the ability to scale, and the fact that it doesn't produce a lot of false positives."
"You can easily integrate it with Azure DevOps. This is an added value because we work with Azure DevOps. Veracode is natively supported and we don't have to work with APIs."
"I think the Fortinet Penetration Testing could be further improved by making it more robust than what it is now."
"The product needs to enhance the interaction feature in terms of speed. Sometimes, when we need to get a virtual view of websites, the speed of notifications between customers and the site works slowly."
"They should improve on the static scanning time."
"I do expect large applications with millions of lines of code to take a while, but it would be nice if there was a possibility to be able to have a baseline initial scan. I know that Veracode touts that there are Pipeline Scans that are supposed to take 90 seconds or less, and we've tried to do that ourselves with our ERP application. However, it actually times out after two hours of scanning. If the static scan itself or another option to run a lower tier scan can be integrated earlier on into our SDLC, it would be great. Right now, it takes so long that we usually leave it till a bit later in the cycle, whereas if it ran faster, we could push it to the time when a developer will be checking in code. That would make us feel a lot more confident that we'd be able to catch things almost instantaneously."
"Veracode does not support scans for .NET Blazor server applications."
"There are many times when their product goes to check my code and it dies, and I don't know why. I've contacted support and they're not really helpful with this particular problem. I go to the logs and I look at what I can but I can't tell why the check process has essentially just died in the middle of checking."
"Another thing I need is continued support for the new languages today that are popular. Most of them are scripting languages more so than real, fourth-generation, commercial grade stuff; we're evolving. Most applications are using so much open-source that, quite frankly, it would be great to see Veracode, or anybody else, extend their platform to where they are able to help secure open-source platforms or repositories."
"Veracode doesn't really help you so much when it comes to fixing things. It is able to find our vulnerabilities but the remediation activities it does provide are not a straight out-of-the-box kind of model. We need to work on remediation and not completely rely on Veracode."
"The solution could improve the Dynamic Analysis Security Testing(DAST)."
"There are certain shortcomings in Veracode's static analysis engine. I would improve Veracode's static analysis engine to make it capable of identifying vulnerabilities with low false positives."
More Fortinet Penetration Testing Service Pricing and Cost Advice →
Fortinet Penetration Testing Service is ranked 5th in Penetration Testing Services with 2 reviews while Veracode is ranked 2nd in Penetration Testing Services with 194 reviews. Fortinet Penetration Testing Service is rated 8.0, while Veracode is rated 8.2. The top reviewer of Fortinet Penetration Testing Service writes "Flexible to use product with good technical support services ". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Fortinet Penetration Testing Service is most compared with Cobalt.io, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap. See our Fortinet Penetration Testing Service vs. Veracode report.
See our list of best Penetration Testing Services vendors.
We monitor all Penetration Testing Services reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.