We performed a comparison between GitLab and Veracode based on real PeerSpot user reviews.Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable feature of GitLab is its security."
"I have found the most valuable features of GitLab are the GitClone, GitPush, GitPull, GitMatch, GitMit, GitCommit, and GitStatus."
"The most valuable feature of GitLab is its convenience. I am able to trace back most of my changes up to a far distance in time and it helps me to analyze and see the older version of the code."
"The scalability is good."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"GitLab's best features are continuous integration and fast deployment."
"It is very flexible and easy because you can store data on cloud."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"Veracode offers various security features."
"I like Veracode's ease of integration with various cloud platforms and tools."
"Veracode Security Labs are fantastic. My team loves getting the hands-on experience of putting in a flaw and fixing it. It's interactive. We've gotten decent support from the sales and software engineers, so the initial support was excellent. They scheduled a consultation call to dive deep and discuss why we see these findings and codes. That was incredibly helpful."
"The dynamic scanning tool is what I like the best. Compared to other tools that I've used for dynamic scanning, it's much faster and easier to use."
"The recommendations and frequent updates are the most valuable features of Veracode."
"Code scanning is the most valuable feature."
"It pinpoints the errors. Its accuracy is very interesting. It also elaborates on flaws, meaning it provides you with details about what is valid or not and how something can be fixed."
"The static analysis gives you deep insights into problems."
"I used Spring Cloud config and to connect that to GitLab was so hard."
"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment."
"For as long as I have used GitLab, I haven't encountered any major limitations. However, I think that perhaps the search functionality could be better."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"The integration and storage capabilities could be better."
"There is room for improvement in GitLab Agents."
"Their RBAC is role-based access, which is fine but not very good."
"We do face issues in our company when we run out of disk space."
"The training lab is not very user-friendly and takes a long time to set up."
"One area for improvement is the navigation in the UI. For junior developers or newcomers to the team, it can be confusing. The UI doesn't clearly bundle together certain elements associated with a scan. While running a scan, there are various aspects linked to it, but in the UI, they appear separate. It would be beneficial if they could redesign the UI to make it more intuitive for users."
"It would be nice if Veracode were bundled with some preferred vendors like Salesforce and offered at a discount."
"Scanning progress is highly dependent on the speed of the Internet."
"There should be more APIs, especially in SCA, to get some results or automate some things."
"Veracode does not support scans for .NET Blazor server applications."
"Sometimes the scans are not done quickly, but the solutions that it provides are really good. The quality is high, but the analysis is not done extremely quickly."
"The number of false positives could be reduced a lot. For each good result, we are getting somewhere around 15 to 20 false positives."
GitLab is a DevOps platform used for DevOps adoption, including pipeline development, automation, deployment, version control, and CI/CD. It is also used as a repository for code, issue, and configuration management. It can be deployed on-premise or in the cloud and is used by various industries.
The most valuable features include integration with CIE, rapid deployment, ease of use, good customer support, stability, scalability, automation, and security. GitLab has helped organizations save time by providing easy merging of code and frequent updates.
Some of the ways that organizations can benefit by deploying GitLab include:
Built-in CI/CD capabilities. Users are able to build, test, and deploy their software without turning to outside integrations. The CI/CD automation is built-in so that all of these functions can be easily automated as necessary.
Reviews from Real Users
GitLab is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the overall completeness of the solution and the way that it enables application developers to work on various parts of a given project simultaneously.
Kulbhushan M., co-founder and technical architect at Think NYX Technologies LLP, writes, “The SaaS setup is impressive, and it has DAST solutions. It also has dependency check and scanning mechanisms. If we were using other solutions, they would have to be configured, and we would have to set them to us as a third party, but GitLab is straightforward. GitLab is a single solution that helps us do everything we need.”
Zeeshan R., a software engineer at OZ, writes, “The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish. We can all work on our code in tandem.”
Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.
Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.
Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.
Here are some of the benefits of using Veracode:
Application security starts with secure code. Find out more about the benefits of using Veracode to keep your software secure throughout the development lifecycle.
GitLab is ranked 6th in Application Security Tools with 50 reviews while Veracode is ranked 2nd in Application Security Tools with 70 reviews. GitLab is rated 8.6, while Veracode is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Veracode writes "Good reporting, comprehensive interface, and integrates well into our build pipeline". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, TeamCity and UrbanCode Deploy, whereas Veracode is most compared with SonarQube, Checkmarx, Fortify on Demand, OWASP Zap and Acunetix. See our GitLab vs. Veracode report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.