Our primary use cases are for comprehensive security assessment using static analysis, dynamic analysis, source code composition, and manual penetration tests. We also use it for security training for developers.
VP Engineering at a tech services company with 201-500 employees
Source code composition analysis helps with vulnerabilities and license compliance
Pros and Cons
- "Veracode is a valuable tool in our secure SDLC process."
- "It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects."
What is our primary use case?
How has it helped my organization?
Veracode is a valuable tool in our secure SDLC process.
What is most valuable?
Source code composition analysis for vulnerabilities and license compliance is the most valuable feature.
What needs improvement?
It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects.
Buyer's Guide
Veracode
April 2024
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
769,065 professionals have used our research since 2012.
For how long have I used the solution?
I have been using Veracode for one year.
Which other solutions did I evaluate?
We also evaluated Synopsys.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
General Manager - Application Security at a tech consulting company with 51-200 employees
Needs to improve service levels and capabilities versus competitors. Provides a wide range of platforms and technology assessments.
Pros and Cons
- "Wide range of platforms and technology assessments."
- "It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share."
How has it helped my organization?
PoC is in progress.
What is most valuable?
- Application testing
- False positives challenges
- Wide range of platforms and technology assessments
What needs improvement?
It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
No.
How are customer service and technical support?
Customer Service:
A three out of 10.
Technical Support:
A two out of 10.
Which solution did I use previously and why did I switch?
Quality levels, service offerings, pricing, and mainly the features and abundance of technologies provided by others made us switch to a different solution.
What about the implementation team?
In-house.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty high.
Which other solutions did I evaluate?
Yes. Checkmarx, SonarQube and Fortify Software.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Veracode Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2024
Product Categories
Application Security Tools Application Security Testing (AST) Container Security Software Composition Analysis (SCA) Penetration Testing Services Static Code AnalysisPopular Comparisons
SonarQube
Prisma Cloud by Palo Alto Networks
Checkmarx One
Snyk
GitLab
Black Duck
Coverity
OWASP Zap
Mend.io
Sonatype Lifecycle
Fortify on Demand
PortSwigger Burp Suite Professional
Orca Security
SonarCloud
Buyer's Guide
Download our free Veracode Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Veracode and Checkmarx?
- Which gives you more for your money - SonarQube or Veracode?
- Checkmarx or Veracode. Which should we choose?
- Would you recommend Veracode? What are some of your use cases?
- Checkmarx vs SonarQube; SonarQube interoperability with Checkmarx or Veracode
- What do I scan when changing code in Veracode?
- If you had to both encrypt and compress data during transmission, which would you do first and why?
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- What are the Top 5 cybersecurity trends in 2022?