No more typing reviews! Try our Samantha, our new voice AI agent.
Veracode Logo

Veracode pros and cons

Vendor: Veracode
4.0 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Veracode delivers fast, comprehensive scanning to quickly detect software vulnerabilities, enhancing application security. Its cloud-based platform integrates with various tools for automated vulnerability management. Static and dynamic analysis identifies vulnerabilities early, ensuring secure deployments. Developers gain insight into vulnerabilities and effective remediation strategies. Technical support offers expert guidance. However, improved programming language support, reduced false positives, better pipeline integration, optimized scan times, and enhanced documentation are needed enhancements.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Veracode provides fast and comprehensive scanning capabilities that help detect a wide range of software vulnerabilities quickly, improving application security.
Veracode's cloud-based platform supports seamless integration with multiple tools and platforms, enabling automated vulnerability management in the software development lifecycle.
Veracode's robust static and dynamic analysis aids in identifying and mitigating vulnerabilities early in development, ensuring secure code deployment.
Veracode enables developers to comprehend vulnerabilities and apply remediation strategies effectively, reducing the risk of insecure software in production environments.
Veracode's technical support and security consultation services are highly regarded for providing timely assistance and expert guidance to enhance developers' security practices.

CONS

Veracode needs to improve its support for more programming languages and frameworks.
Veracode reports a high number of false positives, which should be reduced.
Better integration with development pipelines and more flexible APIs are required for Veracode.
Veracode's scanning process is time-consuming, especially for large applications, and should be optimized.
Documentation and technical support from Veracode need enhancements for better user assistance.
 

Veracode Pros review quotes

reviewer2703864 - PeerSpot reviewer
reviewer2703864
Head of Security Architecture at a healthcare company with 5,001-10,000 employees
May 8, 2025
Veracode Fix has affected our time to remediate security flaws in cases where we've been able to use it correctly because the proposals were on point, and it's been great.
Read full review
SR
SrikanthRaghavan
Principal Architect at a consultancy with 11-50 employees
May 19, 2025
All three of Veracode's offerings are valuable: SCA, SAST, and DAST. It helps identify security loopholes right in the development phase, allowing developers to get feedback around what kind of vulnerabilities exist as soon as they check in the code or even before that in their IDE.
Read full review
DK
Dristi Kurre
Lead Information Security Analyst at a financial services firm with 10,001+ employees
May 29, 2025
Veracode has impacted our overall security posture because we are from a security background. Every week, we review the dashboards of open findings.
Read full review
Buyer's Guide
Veracode
April 2026
Free Report: Veracode Reviews and More
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
893,164 professionals have used our research since 2012.
reviewer2753535 - PeerSpot reviewer
reviewer2753535
DevSecOps Engineer at a tech services company with 1,001-5,000 employees
Aug 28, 2025
We used Veracode to improve our security posture and speed up the time to market by streamlining the development process, which enhanced collaboration between developers, operations, and security teams.
Read full review
reviewer2700198 - PeerSpot reviewer
reviewer2700198
IT App Security Senior Analyst at a transportation company with 10,001+ employees
Apr 29, 2025
The most valuable features include the total developer experience, along with regulator exposure and DevOps pipeline. It encompasses everything as an enterprise solution.
Read full review
YS
Yash Shende
Software Development Engineer II at Rocket Software
Jan 6, 2026
One benefit is that we have automated the scanning process.
Read full review
reviewer2780568 - PeerSpot reviewer
reviewer2780568
Senior Infrastructure Specialist at a media company with 10,001+ employees
Nov 24, 2025
Veracode saves us a lot in terms of security, ensuring that external users or others cannot easily hack our system, which is the main motive for using Veracode.
Read full review
reviewer2731785 - PeerSpot reviewer
reviewer2731785
Information Security Strategy at a insurance company with 10,001+ employees
Jun 30, 2025
The integrated IDE tool enables users to get instant feedback in real-time on the code itself, rather than waiting for it to go through the CI/CD pipeline and get the result.
Read full review
reviewer2776002 - PeerSpot reviewer
reviewer2776002
Lead Application Security Engineer at a university with 501-1,000 employees
Nov 12, 2025
Veracode has positively impacted my organization by helping secure our critical applications, and it has impacted very well.
Read full review
HS
Himadri Subudhi
Works
Apr 2, 2025
The best features in Veracode include static analysis and the early detection of vulnerable libraries; it integrates with tools such as Jenkins.
Read full review
Show 10 more reviews (out of 201)
 

Veracode Cons review quotes

reviewer2703864 - PeerSpot reviewer
reviewer2703864
Head of Security Architecture at a healthcare company with 5,001-10,000 employees
May 8, 2025
I have contacted the technical support and customer support. With Veracode's technical support, for some issues, it has been really difficult for them to understand the problem, and they ask us to do some tests we've already told them we completed in the first ticket.
Read full review
SR
SrikanthRaghavan
Principal Architect at a consultancy with 11-50 employees
May 19, 2025
It would be better if we had a channel for direct communication with the engineering team to speed up the process of providing feedback.
Read full review
DK
Dristi Kurre
Lead Information Security Analyst at a financial services firm with 10,001+ employees
May 29, 2025
The scanning process could be more streamlined as it has certain limitations when performing manual scans.
Read full review
Buyer's Guide
Veracode
April 2026
Free Report: Veracode Reviews and More
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
893,164 professionals have used our research since 2012.
reviewer2753535 - PeerSpot reviewer
reviewer2753535
DevSecOps Engineer at a tech services company with 1,001-5,000 employees
Aug 28, 2025
When we implement a policy, it can be very difficult to locate.
Read full review
reviewer2700198 - PeerSpot reviewer
reviewer2700198
IT App Security Senior Analyst at a transportation company with 10,001+ employees
Apr 29, 2025
A nice addition would be if it could be extended for scenarios with custom cleansers.
Read full review
YS
Yash Shende
Software Development Engineer II at Rocket Software
Jan 6, 2026
In my opinion, Veracode lacks significantly in most parts, including its UI, its reporting, ease of use, and the features that it provides.
Read full review
reviewer2780568 - PeerSpot reviewer
reviewer2780568
Senior Infrastructure Specialist at a media company with 10,001+ employees
Nov 24, 2025
Veracode has areas for improvement in that the scan takes some time for each Jar depending on the size.
Read full review
reviewer2731785 - PeerSpot reviewer
reviewer2731785
Information Security Strategy at a insurance company with 10,001+ employees
Jun 30, 2025
Veracode needs to shift to a more modern approach because it still feels traditional in its way of doing code scanning compared with others, such as Snyk.
Read full review
reviewer2776002 - PeerSpot reviewer
reviewer2776002
Lead Application Security Engineer at a university with 501-1,000 employees
Nov 12, 2025
Veracode can be improved with more integrations, more automations, enhanced API features, and more advanced analytics.
Read full review
HS
Himadri Subudhi
Works
Apr 2, 2025
I noticed there is no integration with Bamboo.
Read full review
Show 10 more reviews (out of 201)

Product Categories

Product Categories
Application Security Tools
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
Static Code Analysis
Dynamic Application Security Testing (DAST)
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Veracode Logo
SonarQube vs Veracode
Wiz vs Veracode Logo
Wiz vs Veracode
Snyk vs Veracode Logo
Snyk vs Veracode
Microsoft Defender for Cloud vs Veracode Logo
Microsoft Defender for Cloud vs Veracode
Prisma Cloud by Palo Alto Networks vs Veracode Logo
Prisma Cloud by Palo Alto Networks vs Veracode
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
GitLab vs Veracode Logo
GitLab vs Veracode
CrowdStrike Falcon Cloud Security vs Veracode Logo
CrowdStrike Falcon Cloud Security vs Veracode
Orca Security vs Veracode Logo
Orca Security vs Veracode
JFrog Xray vs Veracode Logo
JFrog Xray vs Veracode
Coverity Static vs Veracode Logo
Coverity Static vs Veracode
Black Duck SCA vs Veracode Logo
Black Duck SCA vs Veracode
Acunetix vs Veracode Logo
Acunetix vs Veracode
PortSwigger Burp Suite Professional vs Veracode Logo
PortSwigger Burp Suite Professional vs Veracode
Mend.io vs Veracode Logo
Mend.io vs Veracode
See all alternatives

Product Categories

Product Categories
Application Security Tools
Static Application Security Testing (SAST)
Container Security
Software Composition Analysis (SCA)
Static Code Analysis
Dynamic Application Security Testing (DAST)
Application Security Posture Management (ASPM)

Popular Comparisons

Popular Comparisons
SonarQube vs Veracode Logo
SonarQube vs Veracode
Wiz vs Veracode Logo
Wiz vs Veracode
Snyk vs Veracode Logo
Snyk vs Veracode
Microsoft Defender for Cloud vs Veracode Logo
Microsoft Defender for Cloud vs Veracode
Prisma Cloud by Palo Alto Networks vs Veracode Logo
Prisma Cloud by Palo Alto Networks vs Veracode
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
GitLab vs Veracode Logo
GitLab vs Veracode
CrowdStrike Falcon Cloud Security vs Veracode Logo
CrowdStrike Falcon Cloud Security vs Veracode
Orca Security vs Veracode Logo
Orca Security vs Veracode
JFrog Xray vs Veracode Logo
JFrog Xray vs Veracode
Coverity Static vs Veracode Logo
Coverity Static vs Veracode
Black Duck SCA vs Veracode Logo
Black Duck SCA vs Veracode
Acunetix vs Veracode Logo
Acunetix vs Veracode
PortSwigger Burp Suite Professional vs Veracode Logo
PortSwigger Burp Suite Professional vs Veracode
Mend.io vs Veracode Logo
Mend.io vs Veracode
See all alternatives
Related questions
  • 51
What is the biggest difference between Veracode and Checkmarx?
  • 103
Which gives you more for your money - SonarQube or Veracode?
  • 92
Checkmarx or Veracode. Which should we choose?
  • 26
Would you recommend Veracode? What are some of your use cases?
  • 107
Checkmarx vs SonarQube; SonarQube interoperability with Checkmarx or Veracode
  • 30
What do I scan when changing code in Veracode?
  • 227
If you had to both encrypt and compress data during transmission, which would you do first and why?
  • 153
When evaluating Application Security, what aspect do you think is the most important to look for?
  • 274
What are the threats associated with using ‘bogus’ cybersecurity tools?
  • 243
What are the Top 5 cybersecurity trends in 2022?