• Home
  • Synopsys Code Dx vs. Veracode

Synopsys Code Dx vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo

Synopsys Code Dx

Read 1 Synopsys Code Dx review
520 views|435 comparisons
0% willing to recommend
Veracode Logo

Veracode

Read 194 Veracode reviews
26,003 views|17,505 comparisons
89% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Application Security Testing (AST)
March 2024
Executive Summary
Updated on Mar 20, 2023

We performed a comparison between Synopsys Code Dx and Veracode based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Synopsys Code Dx offers several deployment options and an intuitive installation process. Veracode has a straightforward and easy initial setup process that allows for quick deployment and integration into existing systems.
  • Features: Synopsys Code Dx simplifies static analysis issue review, helping developers prioritize fixing critical issues. Veracode provides powerful and efficient code analysis with low false positive rates.
  • Pricing: Synopsys Code Dx does not have a free version and the pricing needs to be obtained by contacting their sales team. Veracode offers flexible licensing options and can fit within some budgets, but users may need to consider costs and explore other options. Additionally, Veracode allows temporary excess of application accounts and offers some flexibility in its licensing model.
  • Service and Support: Synopsys Code Dx offers multiple support options and 24/7 live support from representatives. Veracode provides good technical support, consultations, and a premier package for access to consultants and updates.

Comparison Result: Based on the parameters we compared, Veracode comes out ahead of Synopsys Code Dx. Although both products have valuable features and good technical support, our reviewers found that Synopsys Code Dx has higher false positive rates and less flexibility in licensing options.

To learn more, read our detailed Application Security Testing (AST) Report (Updated: March 2024).
Download the complete report
768,924 professionals have used our research since 2012.
Featured Review
Saravanan_Radhakrishnan
Facilitates continuous assessment of applications, covering both static and dynamic security aspects
AkashKhurana
Easy to configure, stable, and good vulnerability detection
Veracode's ability to prevent vulnerable code from being deployed into production is crucial. Typically, if a dependency we use has security issues... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."

More Synopsys Code Dx Pros →

"Within SCA, there is an extremely valuable feature called vulnerable methods. It is able to determine within a vulnerable library which methods are vulnerable. That is very valuable, because in the vast majority of cases where a library is vulnerable, none of the vulnerable methods are actually used by the code. So, if we want to prioritize the way open source libraries are updated when a library is found vulnerable, then we want to prioritize the libraries which have vulnerable methods used within the code.""It gives me an idea about the most important vulnerabilities and fast remediation tips.""The automation of Veracode is great because we no longer have to run manual testing.""The coding standards in our development group have improved. From scanning our code we've learned the patterns and techniques to make our code more secure. An example would be SQL injection. We have mitigated all the SQL injection in our applications.""The most valuable feature of Veracode Static Analysis is the scanning.""Another feature of Veracode is that they provide e-learning, but the e-learning is not basic, rather it is quite advanced... in the e-learning you can check into best practices for developing code and how to prevent improper management of some component of the code that could lead to a vulnerability. The e-learning that Veracode provides is an extremely good tool.""With the tools that Veracode provides, our developers are actually able to comprehend what the vulnerability was and then resolve it. So a lot of knowledge has been grown as a result, around security, with our developers.""Being able to scan our applications and identify all codes and defects is an extremely valuable feature."

More Veracode Pros →

Cons
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."

More Synopsys Code Dx Cons →

"When we engaged Veracode to conduct the manual penetration testing, they were extremely slow in completing the task and delivering the report, causing a delay of two to three weeks for us.""Sometimes, the scans halt or drop for some reason, and we need to get help from Veracode to fix it.""Veracode can improve the price model and how they bill the final offer to customers. It's based on the amount of traffic. For example, you can buy 1 gigabyte distributed across various applications, and each one can consume part of the whole allotment of traffic data.""The feature that allows me to read which mitigation answer was submitted, and to approve it, requires me to use do so in different screens. That makes it a little bit more complicated because I have to read and then I have to go back and make sure it falls under the same number ID number. That part is a little bit complicated from my perspective, because that's what I use the most.""The scanning process for records could be faster and there is room for improvement in Veracode's performance.""One concern is that scans take a long time to run. We scan at the end of the day because we know it will take a lot of time. We leave it to run and the report will be generated by the next day when we arrive. The scanning time could be reduced.""The documentation is poor and the technical support isn't helpful.""The interface is basic and has room for improvement."

More Veracode Cons →

Pricing and Cost Advice
  • "It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."

    • More Synopsys Code Dx Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    See Recommendations
    768,924 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Synopsys Code Dx?
    Top Answer:The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution Synopsys is a Gartner… more »
    What is your experience regarding pricing and costs for Synopsys Code Dx?
    Top Answer:I would rate the pricing model an eight out of ten, where one is low and ten is high. Because it is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not… more »
    What needs improvement with Synopsys Code Dx?
    Top Answer:Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might… more »
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    30th
    out of 67 in Application Security Testing (AST)
    Views
    520
    Comparisons
    435
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    2nd
    out of 67 in Application Security Testing (AST)
    Views
    26,003
    Comparisons
    17,505
    Reviews
    99
    Average Words per Review
    970
    Rating
    8.1
    Comparisons
    Checkmarx One logo
    Checkmarx One vs. Synopsys Code Dx
    Compared 17% of the time.
    Coverity logo
    Coverity vs. Synopsys Code Dx
    Compared 10% of the time.
    SonarQube logo
    SonarQube vs. Synopsys Code Dx
    Compared 9% of the time.
    Acunetix logo
    Acunetix vs. Synopsys Code Dx
    Compared 5% of the time.
    More Synopsys Code Dx Competitors   →
    SonarQube logo
    SonarQube vs. Veracode
    Compared 27% of the time.
    Checkmarx One logo
    Checkmarx One vs. Veracode
    Compared 14% of the time.
    Snyk logo
    Snyk vs. Veracode
    Compared 6% of the time.
    Fortify on Demand logo
    Fortify on Demand vs. Veracode
    Compared 6% of the time.
    OWASP Zap logo
    OWASP Zap vs. Veracode
    Compared 4% of the time.
    More Veracode Competitors   →
    Also Known As
    Crashtest Security , Veracode Detect
    Learn More
    Synopsys
    Video Not Available
    Veracode
    Overview

    Code Dx by Synopsys works with Intelligent Orchestration to give organizations the ability to: Execute tests and automatically run AppSec tools. Correlate results from multiple tools, combining security issues found by 75+ tools. Prioritize security issues, filtering out noise using machine learning.

    Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.

    Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.

    Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.

    Here are some of the benefits of using Veracode:

    • Veracode provides capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing to help organizations identify and fix security vulnerabilities in their software applications early in the development process.
    • Veracode helps organizations reduce the risk of data breaches and other security incidents by identifying and fixing security vulnerabilities in their software application. 
    • Veracode helps organizations to comply with industry regulations. Many industries have regulations that require organizations to implement security measures to protect their customers' data. Veracode's solution can help organizations to comply with these regulations by providing them with the tools and resources they need to identify and fix security vulnerabilities in their software applications.
    Sample Customers
    Information Not Available
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company12%
    Insurance Company12%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise17%
    Large Enterprise69%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    Buyer's Guide
    Application Security Testing (AST)
    March 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST). Updated: March 2024.
    DOWNLOAD NOW
    768,924 professionals have used our research since 2012.

    Synopsys Code Dx is ranked 30th in Application Security Testing (AST) with 1 review while Veracode is ranked 2nd in Application Security Testing (AST) with 194 reviews. Synopsys Code Dx is rated 0.0, while Veracode is rated 8.2. The top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Synopsys Code Dx is most compared with Checkmarx One, Coverity, SonarQube and Acunetix, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.