• Home
  • Tenable.io Container Security vs. Veracode

Tenable.io Container Security vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Tenable Logo
Tenable.io Container Security
Read 7 Tenable.io Container Security reviews
1,850 views|1,658 comparisons
83% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
2,774 views|1,884 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Tenable.io Container Security vs. Veracode
May 2024
Executive Summary

We performed a comparison between Tenable.io Container Security and Veracode based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Tenable.io Container Security vs. Veracode Report (Updated: May 2024).
Download the complete report
771,170 professionals have used our research since 2012.
Featured Review
Jahanzeb Feroze Khan
Improves organizational security with features like scanning, reporting, and troubleshooting
Tenable.io Container Security has improved our security.
AkashKhurana
Easy to configure, stable, and good vulnerability detection
Veracode's ability to prevent vulnerable code from being deployed into production is crucial. Typically, if a dependency we use has security issues... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It helps us secure our applications from the build phase and identify the weaknesses from scratch.""Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment.""The strong security provided by the product in the container environment is its most valuable feature.""Nessus scanner is very effective for internal penetration testing.""The tool's most valuable feature is scanning, reporting, and troubleshooting.""It is a scalable solution. Scalability-wise, it is a good solution.""Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."

More Tenable.io Container Security Pros →

"I like Veracode's ease of integration with various cloud platforms and tools.""Good static analysis and dynamic analysis.""The ability on static scans to be able to do sandbox scans which do not generate metrics.""Vulnerability Management and mitigation recommendations help with resolution of issues found, prior to deployment to production.""In terms of application security best practices and guidance to our teams, their engineering staff is really excellent. They provide our developers with suggestions and they take those to heart. They've learned from the recommended remediation strategies provided by the Veracode security engineers. That makes all of their future code better.""The best feature of Veracode is that we can do static and dynamic scans.""The CSCA vulnerability scanning is useful.""The most valuable features are that you can do static analysis and dynamic analysis on a scheduled basis and that you can push the findings into JIRA."

More Veracode Pros →

Cons
"Tenable.io Container Security should improve integration modules. It should also improve stability.""The support is tricky to reach, so we would like better-oriented technical support enabled.""They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed.""The stability and setup phase of the product are areas with shortcomings where improvements are needed.""The initial setup is highly complex.""I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls.""I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."

More Tenable.io Container Security Cons →

"We have some constraints interacting with Veracode self-support. I'm not talking about their technical support. I'm talking about self-support. We sometimes have a hard time communicating with them.""All areas of the solution could use some improvement.""Static scanning takes a long time, so you need to patiently wait for the scan to achieve. I also think the software could be more accurate. It isn't 100 percent, so you shouldn't completely rely on Veracode. You need to manually verify its findings.""It can be a bit complex because it takes a lot of time to have it complete the task.""Once your report has been generated, you need to review the report with consultation team, especially if it is too detailed on the development side or regarding the language. Then, you need some professional help from their end to help you understand whatever has been identified. Scheduling consultation takes a longer time. So, if you are running multiple reports at the same time, then you need to schedule a multiple consultation times with one of their developers. There are few developers on their end who work can work with your developers, and their schedules are very tight.""Sometimes we get a lot of false positives even after configuring our policies, so that could be improved.""The zip file scanning has room for improvement.""If Veracode was more diversified, as far as the number of platforms and the number of applications it could do in our favor, we would be using it even more. But there are a number of platforms it doesn't support. For example, I know they support C+, .NET, and Java, but there are certain platforms they don't support and that was disappointing."

More Veracode Cons →

Pricing and Cost Advice
  • "It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders."
  • "I rate the product’s pricing a six out of ten."
  • "The product does not operate on a pay-per-license model."
  • "I rate the tool's pricing a three out of ten."

    • More Tenable.io Container Security Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    771,170 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Tenable.io Container Security?
    Top Answer:The tool's most valuable feature is scanning, reporting, and troubleshooting.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for Tenable.io Contai...
    Top Answer:I rate the tool's pricing a three out of ten.
    Read all 5 answers   →
    What needs improvement with Tenable.io Container Security?
    Top Answer:Tenable.io Container Security should improve integration modules. It should also improve stability.
    Read all 6 answers   →
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    21st
    out of 59 in Container Security
    Views
    1,850
    Comparisons
    1,658
    Reviews
    5
    Average Words per Review
    445
    Rating
    7.6
    4th
    out of 59 in Container Security
    Views
    2,774
    Comparisons
    1,884
    Reviews
    101
    Average Words per Review
    985
    Rating
    8.1
    Comparisons
    Also Known As
    Tenable FlawCheck, FlawCheck
    Crashtest Security , Veracode Detect
    Learn More
    Tenable
    Veracode
    Overview

    Tenable.io Container Security is a container security platform that delivers end-to-end visibility of Docker container images, providing vulnerability assessment, malware detection, and policy enforcement before and after deployment. It also integrates into your DevOps pipeline to eliminate security blind spots without slowing down software development. In addition, Tenable.io Container Security provides proactive visibility and security so your organization can solve the security challenges of containers at the speed of DevOps.

    Tenable.io Container Security Features

    Tenable.io Container Security has many valuable key features. Some of the most useful ones include:

    • Dashboard visibility: With Tenable.io Container Security, IT security managers gain at-a-glance visibility into container image inventory as well as security. Security teams can view vulnerability, malware, and other security data for all container images, and the distribution of vulnerabilities across images by CVSS score and risk level. The product also shows each image’s OS, OS version, and architecture.
    • Malware protection: The Tenable.io Container Security solution is unique because it is one of the only container security solutions that assesses container image source code for malware. It is designed with a custom-built malware detection engine to help ensure images are malware-free and to analyze container image source code.
    • Policy enforcement: If an image is created that exceeds the organization’s risk threshold, Tenable.io Container Security notifies developers immediately, with layer-specific information provided to help remediate issues rapidly. In addition, when using the solution, policy violations can trigger alerting or can optionally block specific images from being deployed. Policies can be applied globally or only to images in specific repositories.
    • Image syncing from third-party registries: The solution helps your organization gain instant insight into container security risks by synchronizing your existing registry images into Tenable.io Container Security. It integrates with Docker Registry, Docker Trusted Registry, JFrog Artifactory and Amazon EC2 Container Registry.
    • DevOps toolchain integration: In DevOps environments, Tenable.io Container Security can embed security testing into the software development tooling without blocking or disrupting existing software workflows or development processes.

    Tenable.io Container Security Benefits

    There are many benefits to implementing Tenable.io Container Security. Some of the biggest advantages the solution offers include:

    • Accurate, in-depth visibility: The platform helps you understand the individual layers of container images so you can gain an accurate view of cyber risk, reduce false positives, and provide detailed remediation guidance.
    • Securely accelerate DevOps: With Tenable.io Container Security, you can assess container images for vulnerabilities and malware as fast as 30 seconds from within the DevOps toolchain to avoid slowing down code velocity.
    • Enforce security policies: Tenable.io Container Security works to block new container builds that exceed your organizational risk thresholds to ensure containers are compliant with your security policies prior to deployment.
    • Decrease remediation costs: Tenable.io Container Security can help your organization dramatically reduce remediation costs by discovering and fixing software defects during development before application release.
    • Protect running containers: By implementing Tenable.io Container Security, you can gain visibility into running containers, which helps you to detect new vulnerabilities and security issues that may show up after deployment.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Sample Customers
    ServiceMaster
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company13%
    Government10%
    Manufacturing Company10%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business29%
    Midsize Enterprise14%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise9%
    Large Enterprise73%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    Buyer's Guide
    Tenable.io Container Security vs. Veracode
    May 2024
    Free Report: Tenable.io Container Security vs. Veracode
    Find out what your peers are saying about Tenable.io Container Security vs. Veracode and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,170 professionals have used our research since 2012.

    Tenable.io Container Security is ranked 21st in Container Security with 7 reviews while Veracode is ranked 4th in Container Security with 194 reviews. Tenable.io Container Security is rated 7.8, while Veracode is rated 8.2. The top reviewer of Tenable.io Container Security writes "It helps you catch misconfigurations before they go into a production environment where they're harder to deal with". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Tenable.io Container Security is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, Wiz, Trivy and Red Hat Advanced Cluster Security for Kubernetes, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap. See our Tenable.io Container Security vs. Veracode report.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.