We see a few false positives in Veracode but not many. It's negligible.

Veracode's false positive rate is very low based on what we have found.

The false positive rate we haven't really looked into. We need to learn more about it.

At first, we experienced a high number of false positives, but the Veracode team provided guidance that enabled us to significantly reduce the count.

Veracode has the lowest false positive rate in the market. Its results are accurate. In some cases, it is very difficult to see a false positive. We report it to the engineers, and they analyze it. If it is truly a false positive, the engineers will update the engine to provide better results at the next scan. The false positive rate of the static analysis has not affected the time we spend on tuning policies.

After the scanning is completed, with other solutions from a DAST perspective, we would receive a report. If there are any false positives, we would have to identify them ourselves. However, with Veracode, one of their engineers or a support team member will verify the information, which helps to minimize the number of false positives.

When it comes to visibility, I am not sure whether it is through Veracode, but we have our pipelines built on Azure. We do get to see whenever a scan is kicked off and whether the Veracode check has passed. There is no direct visibility in Veracode apart from the dashboard, which does have information about what type of scan has been performed and whether it is a policy sandbox or just a testing sandbox.

There are very few false positives. I'd rate the false positive rate as nine out of ten. It's very good. It's very positive on developer confidence.

The false positives depend on the code. Veracode provides around 5% false positives.

The false positive rate is quite low, which is critical.

The false positive rate of static analysis can affect the time spent on tuning policies. It took at least one day for me to raise that mitigation and approval ticket to look into it.

The product's false-positive rate is low.

When it comes to eliminating false positives, you're never going to have 100%. While it did introduce a little frustration, what did remediate that was the explanations that the software provided.

Veracode's false positive rate is low.

I recently encountered a Veracode false positive, but we immediately mitigated it on our end. Veracode also filed the case and will include it in their code to mark it as a false positive. We took action after that.

We can see that false positives are quite low, around five to ten percent.

We don't have many false positives. We're using the tool's default rules and haven't done much customization. We can feel confident in the solution's results.