Technical Architect at a tech vendor with 201-500 employees
User
Feb 5, 2020
I would recommend Veracode. Our uses cases included removing vulnerable code from our Product and ensuring the product is secure. Veracode helps us in regularly scanning our code base and reporting our vulnerabilities which we can fix before exploited. The static scan and SCA reports are the important once. Besides, the Veracode Verified program helps us showcase our security posture to our customers to win their trust
Head of Software Delivery at a tech services company with 51-200 employees
Real User
Jul 9, 2020
I would recommend them. They have the ability to cover multiple languages and come with all the features you would expect from a paid solution. But do note, it is a paid solution.
The Veracode guys are good though and will happily walk you through the solutions they offer to make sure the proposal is one that actually fits your problem, rather than try to sell it to you when it doesn't make sense etc.
Senior Project Manager at a computer software company with 1,001-5,000 employees
Real User
Jul 8, 2020
It depends on whether Veracode is recommended or not completely based on the technology they are using. for JAVA applications yes recommended. but for python maybe not much usefull.
Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.
Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis...
I would recommend Veracode. Our uses cases included removing vulnerable code from our Product and ensuring the product is secure. Veracode helps us in regularly scanning our code base and reporting our vulnerabilities which we can fix before exploited. The static scan and SCA reports are the important once. Besides, the Veracode Verified program helps us showcase our security posture to our customers to win their trust
I would recommend them. They have the ability to cover multiple languages and come with all the features you would expect from a paid solution. But do note, it is a paid solution.
The Veracode guys are good though and will happily walk you through the solutions they offer to make sure the proposal is one that actually fits your problem, rather than try to sell it to you when it doesn't make sense etc.
It depends on whether Veracode is recommended or not completely based on the technology they are using. for JAVA applications yes recommended. but for python maybe not much usefull.