We performed a comparison between PyCharm and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Static Code Analysis solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is an excellent, fully integrated IDE with smart code analysis capability and a built-in debugger. It is a fantastic tool."
"The recent AI-powered code completion is pretty cool."
"Good syntax highlighting and very it's very customizable."
"The solution has a nice environment and extensions that make it easy to develop software."
"The solution has a great debugging feature."
"The product's IDE feature is quite user-friendly."
"The integrated code structure makes coding more organized and manageable compared to using Python alone."
"The best feature of PyCharm is that it gives you hints whenever it detects any issues while you are coding. This is important because it helps us code faster and without any errors."
"Provides the ability to understand the black zones in our system."
"I appreciate the integration provided by Veracode that seamlessly integrates with our CI/CD tools and allows us to integrate with IPA as well."
"The ability on static scans to be able to do sandbox scans which do not generate metrics."
"The Security Labs [is] where I have the developers training and constantly improving their security, and remembering their security techniques. That way, they are more proactive and make sure things are correct. They're faster because they're doing it in the first place."
"The solution's ability to help create secure software is very valuable. We're a zero-trust networking company so we want to have the ability to say that we're practicing security seriously. Having something like Veracode allows us to have confidence when we're speaking to people about our product that we can back up what we're doing with a certification, with a reputable platform, and say, "This is what we're using to scan an application. Here's the number of vulnerabilities that are on an application. And here's the risk that we're accepting.""
"It is a good product for creating secure software. The static code analysis is pretty good and useful."
"The policy reporting for ensuring compliance with industry standards and regulations is pretty comprehensive, especially around PCI. If you do the static analysis, the dynamic analysis, and then a manual penetration test, it aggregates all of these results into one report. And then they create a PCI-specific report around it which helps to illustrate how the application adheres to different standards."
"I can have quick results by just uploading compiled components."
"PyCharm's use of system resources can get pretty heavy. Loading, in particular, takes longer than I would like and I think they should optimize it so that it's a bit lighter on the system."
"The solution does not support some features of OpenCV even though it is part of a PyCharm package."
"There should be support for the RUST plugin in the Community edition for debugging."
"They should improve the product's interactiveness."
"There is room for improvement in memory usage. It uses too much memory. It can get a bit heavy, especially when you have too many open files and the system becomes very slow."
"The user interface and overall user experience could be more intuitive to make it easier for users to navigate and utilize the software effectively."
"Notebooks in PyCharm is not as intuitive as it could be."
"The navigation can be better."
"Veracode Static Analysis lacks penetration testing, so that's a concern. The tool is also unable to scan when it's a C or C++ model, so that's another area for improvement."
"One of the most important areas that need improvement for Veracode is its DaaS. Veracode's DAST engines are primitive."
"The policies you have, where you can tune the findings you get, don't allow you not to file tickets about certain findings. It will always report the findings, even if you know you're not that concerned about a library writing to a system log, for example. It will keep raising them, even though you may have a ticket about it. The integration will keep updating the ticket every time the scan runs."
"The documentation is poor and the technical support isn't helpful."
"If the dynamic scan is improved, then the speed might go up. That is somehow not happening. We have raised this concern. It might also help if they could time limit scans to 24 hours instead of letting them go for three days. Then, whatever results could be shared, even if the scan is not complete, that would definitely help us."
"It's very expensive for a small organization."
"The interface is one thing I find a little challenging. Veracode's interface feels a little outdated compared to other solutions, and it could be modernized. I'm mostly happy with the features, but Vercaode could add Docker image scanning."
"The solution does not support Dynamic Application Security Testing."
PyCharm is ranked 6th in Static Code Analysis with 8 reviews while Veracode is ranked 1st in Static Code Analysis with 194 reviews. PyCharm is rated 8.6, while Veracode is rated 8.2. The top reviewer of PyCharm writes "Convenient to use and surely increases the effectiveness of software development". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". PyCharm is most compared with , whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap. See our PyCharm vs. Veracode report.
See our list of best Static Code Analysis vendors.
We monitor all Static Code Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
