reviewer1360623 - PeerSpot reviewer
VP Engineering at a tech services company with 201-500 employees
Consultant
Download
Source code composition analysis helps with vulnerabilities and license compliance
Pros and Cons
  • "Veracode is a valuable tool in our secure SDLC process."
  • "It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects."

What is our primary use case?

Our primary use cases are for comprehensive security assessment using static analysis, dynamic analysis, source code composition, and manual penetration tests. We also use it for security training for developers.                         

How has it helped my organization?

Veracode is a valuable tool in our secure SDLC process.                                                        

What is most valuable?

Source code composition analysis for vulnerabilities and license compliance is the most valuable feature.                                                                                                 

What needs improvement?

It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects.  

Buyer's Guide
Veracode
April 2024
Free Report: Veracode Reviews and More
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
DOWNLOAD NOW
769,065 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Veracode for one year.

Which other solutions did I evaluate?

We also evaluated Synopsys.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user712167 - PeerSpot reviewer
General Manager - Application Security at a tech consulting company with 51-200 employees
Consultant
Download
Needs to improve service levels and capabilities versus competitors. Provides a wide range of platforms and technology assessments.
Pros and Cons
  • "Wide range of platforms and technology assessments."
  • "It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share."

How has it helped my organization?

PoC is in progress.

What is most valuable?

  • Application testing
  • False positives challenges
  • Wide range of platforms and technology assessments

What needs improvement?

It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

No.

How are customer service and technical support?

Customer Service:

A three out of 10.

Technical Support:

A two out of 10.

Which solution did I use previously and why did I switch?

Quality levels, service offerings, pricing, and mainly the features and abundance of technologies provided by others made us switch to a different solution.

What about the implementation team?

In-house.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty high.

Which other solutions did I evaluate?

Yes. Checkmarx, SonarQube and Fortify Software.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Veracode Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2024
DOWNLOAD NOW
Buyer's Guide
Download our free Veracode Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
Veracode
April 2024
DOWNLOAD NOW
Quick Links
Learn More: Questions: