We performed a comparison between Ixia BreakingPoint and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use Ixia BreakingPoint for Layer 7 traffic generation. That's what we like."
"The most valuable feature of Ixia BreakingPoint is the ransomware and malware database for simulated attacks."
"There is a virtual version of the product which is scaled to 100s of virtual testing blades."
"The solution has many protocols and options, making it very flexible."
"It is a scalable solution."
"The DDoS testing module is useful and quick to use."
"I like that we can test cloud applications."
"The SAST and DAST modules are great."
"Allows us to track the remediation and handling of identified vulnerabilities."
"The most valuable feature is Veracode SDP, which allows for something related to third-party vulnerabilities. When we build a product, we use a lot of third-party libraries instead of building everything from scratch. We just use a library which is already been built; we just use that component in our product. Sometimes, these libraries may have bugs or issues, and it's hard to keep track of them because we use thousands of them."
"The coding standards in our development group have improved. From scanning our code we've learned the patterns and techniques to make our code more secure. An example would be SQL injection. We have mitigated all the SQL injection in our applications."
"It has given our management a view into issues with all of our product lines. We have three products and all of them were scanned. As a result, the project lead for each product has taken measures to improve things."
"Before Veracode, the application was deployed to the production server and there would be a lot of bugs and issues. Once we implemented the Veracode scan, the full deployment issues were drastically reduced."
"The static scan is the feature that we use the most, as it gives us insight into our source code. We have it integrated with our continuous integration, continuous delivery system, so we can get insight quickly."
"For use cases where our company buys a product with the source code, but only the final executables or the binaries, only Veracode is able to work on that type of tool."
"I would appreciate some preconfigured network neighborhoods, which are predefined settings for testing networks."
"The production traffic simulations are not realistic enough for some types of DDoS attacks."
"They should improve UI mode packages for the users."
"The integration could improve in Ixia BreakingPoint."
"The solution originally was hard to configure; I'm not sure if they've updated this to make it simpler, but if not, it's something that could be streamlined."
"The price could be better."
"The quality of the traffic generation could be improved with Ixia BreakingPoint, i.e. to get closer to being accurate in what a real user will do."
"Veracode does not support scans for .NET Blazor server applications."
"We use Ruby on Rails and we still don't have any support for that from Veracode."
"Improve Mobile Application Dynamic Scanning DAST - .ipa and .apk"
"The results of agent-based software composition analysis are not connected to policy scanning. So, for me, the only thing that Veracode can improve in Software Composition Analysis is to connect it with the policy scan because, at present, it is a bit inconvenient for those in our organization who use agent-based Software Composition Analysis. In the end, they need to make a static scan with all those libraries in order to receive that report. If Veracode implemented a connection between agent-based static scan and static scanning itself, it would be great because it would lead to fewer operations in order to prepare release documentation and release reporting from Veracode. We recently had a conversation with Veracode about it."
"Their platform is not consistent. It needs a lot of user experience updates. It's slow performing, and they log you out of the system every 15 minutes, so using the platform is challenging from a developer's perspective because you always have to log in."
"The number of false positives could be reduced a lot. For each good result, we are getting somewhere around 15 to 20 false positives."
"Because our application is large, it takes a long time to upload and scan."
"The JIRA integration automation aspect of it could be improved significantly. We want to have a way to create tickets that are going to allow people to work through those flaws that we're finding. We don't want people to feel like they're missing out on something or that they're not following directions in the right way."
Ixia BreakingPoint is ranked 23rd in Application Security Testing (AST) with 8 reviews while Veracode is ranked 2nd in Application Security Testing (AST) with 194 reviews. Ixia BreakingPoint is rated 8.4, while Veracode is rated 8.2. The top reviewer of Ixia BreakingPoint writes "Works better for testing traffic, mix profile, and enrollment scenarios than other solutions". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Ixia BreakingPoint is most compared with Spirent CyberFlood and Synopsys Defensics, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap. See our Ixia BreakingPoint vs. Veracode report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.