We performed a comparison between ReShaper and Veracode based on real PeerSpot user reviews.
Find out what your peers are saying about Veracode, OpenText, JetBrains and others in Static Code Analysis."The most valuable feature of ReShaper is that it provides continuously scanning of the data in real-time. ReShaper has a really good mechanism and process, they have a decent system."
"It comes with many features and supports almost all of the coding languages available."
"My experience with Veracode across the board every time, in all products, the technology, the product, the service, and the salespeople is fabulous."
"It has the ability to scale, and the fact that it doesn't produce a lot of false positives."
"We use it to get our scan results and see where our software is vulnerable or not vulnerable."
"The most valuable feature of Veracode is the binary scan feature for auditing, which allows us to audit the software without the source code."
"The most valuable feature is the security and vulnerability parts of the solution. It shows medium to high vulnerabilities so we can find them, then upgrade our model before it is too late. It is useful because it automates security. Also, it makes things more efficient. So, there is no need for the security team to scan every time. The application team can update it whenever possible in development."
"The time savings has been tremendous. We saw ROI in the first six months."
"To me, the principal feature is the CLI (command-line interface) because I put together a lot of implementations using it. Another important aspect is the low false-positive rate because the solution is very configurable. It is as low as 1 percent and that is a huge difference compared to competitors."
"The static scan and the detailed reports, which include issue information and permissions, are the most valuable features."
"When it's integrated with a weak server machine, the performance isn't that great. It starts up slowly and even crashes at times."
"ReShaper could improve by increasing the performance of the scans. Their application is taking too much CPU. The processing is taking too many CPU resources which causes the system to slow down."
"We have encountered occasional issues with scalability."
"The static scans on Java lack microservices architecture scanning. We have developed an in-house pattern for this and the scans can't take care of it as a single entity."
"I would like to see expanded coverage for supporting more platforms, frameworks, and languages."
"They could improve how they fix vulnerabilities. They could have more support in place to help the developers."
"The documentation is poor and the technical support isn't helpful."
"I would like to see improvement on the analytics side, and in integrations with different tools. Also, the dynamic scanning takes time."
"It would help if there were a training module that would explain how to more effectively integrate the SAST product into the build tool, Jenkins or Bamboo."
"The interface is basic and has room for improvement."
ReShaper is ranked 3rd in Static Code Analysis while Veracode is ranked 1st in Static Code Analysis with 194 reviews. ReShaper is rated 8.6, while Veracode is rated 8.2. The top reviewer of ReShaper writes "Detects, analyzes, and fixes any coding issues". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". ReShaper is most compared with Whole Tomato Visual Assist and Fortify Static Code Analyzer, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap.
See our list of best Static Code Analysis vendors.
We monitor all Static Code Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.