2020-02-09T08:17:05Z

What do you like most about Veracode Software Composition Analysis?

Miriam Tover - PeerSpot reviewer
  • 0
  • 5
PeerSpot user
Get the report
Helped 765,386 peers since 2012
13

13 Answers

Jesus Montes Ceron - PeerSpot reviewer
Reseller
Top 10
2023-08-14T16:00:17Z
Aug 14, 2023

The coverage of backdoors attacks on security that's the most valuable for my clients.

Search for a product comparison
Muhammed Shabreen - PeerSpot reviewer
Real User
Top 10
2022-05-12T16:57:00Z
May 12, 2022

It is a good product for creating secure software. The static code analysis is pretty good and useful.

Fiorina Liberta - PeerSpot reviewer
Real User
Top 10
2022-04-25T09:34:00Z
Apr 25, 2022

The most valuable feature is the security and vulnerability parts of the solution. It shows medium to high vulnerabilities so we can find them, then upgrade our model before it is too late. It is useful because it automates security. Also, it makes things more efficient. So, there is no need for the security team to scan every time. The application team can update it whenever possible in development.

Evan Gertis - PeerSpot reviewer
Real User
2021-09-14T17:39:00Z
Sep 14, 2021

The solution's ability to help create secure software is very valuable. We're a zero-trust networking company so we want to have the ability to say that we're practicing security seriously. Having something like Veracode allows us to have confidence when we're speaking to people about our product that we can back up what we're doing with a certification, with a reputable platform, and say, "This is what we're using to scan an application. Here's the number of vulnerabilities that are on an application. And here's the risk that we're accepting."

Jagusztin Laszlo - PeerSpot reviewer
Real User
2021-09-13T11:17:00Z
Sep 13, 2021

For use cases where our company buys a product with the source code, but only the final executables or the binaries, only Veracode is able to work on that type of tool.

NS
Real User
2020-12-29T10:56:00Z
Dec 29, 2020

There have been a lot of benefits gained from Veracode. Compared to other tools, Veracode has good flexibility with an easy way to run a scan. We get in-depth details on how to fix things and go through the process. They provide good process documents, community, and consultation for any issues that occur during the use of Veracode.

Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
AB
Consultant
2020-12-20T08:24:00Z
Dec 20, 2020

Within SCA, there is an extremely valuable feature called vulnerable methods. It is able to determine within a vulnerable library which methods are vulnerable. That is very valuable, because in the vast majority of cases where a library is vulnerable, none of the vulnerable methods are actually used by the code. So, if we want to prioritize the way open source libraries are updated when a library is found vulnerable, then we want to prioritize the libraries which have vulnerable methods used within the code.

DJ
Real User
2020-11-20T11:13:00Z
Nov 20, 2020

The dependency graph visualization provides the ability to see nested dependencies within libraries for pinpointing vulnerabilities.

Raj Nachiappan - PeerSpot reviewer
Real User
Top 20
2020-07-26T08:19:12Z
Jul 26, 2020

The most valuable feature is the dynamic application security testing.

AE
Real User
2020-03-16T06:56:15Z
Mar 16, 2020

The article scanning is excellent.

CG
Real User
2020-03-16T06:56:00Z
Mar 16, 2020

This is a great tool for learning about potential vulnerabilities in code.

HJ
Real User
2020-03-09T08:07:51Z
Mar 9, 2020

The solution is stable. we've never had any issues surrounding its stability.

AC
Consultant
2020-02-09T08:17:05Z
Feb 9, 2020

The most valuable feature is the efficiency of the tool in finding vulnerabilities.

Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing. Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references....
Download Veracode ReportRead more

Related Q&As