Overview
Product Information on Veracode
What is Veracode?
Veracode Pricing
Overall experience with Veracode
“Customizable Reporting Valued Despite Difficult Self-Help Navigation And Slow Scans”
“Veracode Offers Strong SCA Features But Faces Criticism For Cloud-Only Approach”
About Company
Company Description
Veracode is a software security firm focused on identifying flaws and vulnerabilities across all stages of the software development lifecycle. The foundation of Veracode's approach lies in its Software Security Platform, which uses advanced AI algorithms trained on vast datasets of code. This allows for faster and more precise identification and rectification of security flaws. Veracode's mission is to evolve the concept of software security, ensuring it stays aligned with the dynamic needs of today's software development processes.
Company Details
Do You Manage Peer Insights at Veracode?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About Veracode
Reviewer Insights for: Veracode
Performance of Veracode Across Market Features
Veracode Likes & Dislikes
UI is intuitive and the reporting options are customizable to give our clients the assurance they are looking for while not oversharing sensitive information.
good TCO with a quote based pricing, may be too expensive for startups. good policy customization
- it allows to perform multiple sandbox scans not affecting the overall compliance status of the project - Veracode has rich UI allowing to analyze and triage the findings - There are great explanations of the findings, including links to the source documents and training materials
Multiple senior level resources required for setup and periodic reviews. The scans can be painfully slow if your team does not take enough time to optimize the binaries for scanning. Self-help resources can be difficult to navigate.
cloud only model (no opn prem), large scans may slow the CI process. expensive. you need to be familiar with the tool in order to operate it well
- lot of false positive findings caused by not considering the overall structure of a project and dependencies; - slow assessment even of a quite small projects; - limited support of Python/JavaScript projects
Top Veracode Alternatives
Peer Discussions
Veracode Reviews and Ratings
- VP, RISK AND COMPLIANCE<50M USDSoftwareReview Source
Customizable Reporting Valued Despite Difficult Self-Help Navigation And Slow Scans
Veracode is an accepted and respected vendor in our market. Their onboarding team was very helpful and support is responsive. There was a point in time where a bug resulted in extra work on our end while they chased it, which was seemingly mishandled and took longer than expected, which is the reason I cannot give five stars. - IT OPS SPECIALIST10B+ USDBankingReview Source
Rich Explanations Provided, But False Positives and Speed Persist as Major Issues
Veracode does a great job in finding the potential security flaws in code. Yet its limited intelligence on the overall project structure provides a lot of false positive findings. Also its support of the Python/JavaScript projects is quite limited - IT SECURITY & RISK MANAGEMENT ASSOCIATE50M-1B USDTravel and HospitalityReview Source
Effective Application Security Tool Offering clear Remediation and Strong Reporting
My overall experience with Veracode has been positive. The platform provides reliable static and dynamic analysis with clear, actionable insights. The reporting dashboard is intuitive, and the remediation guidance is helpful for prioritizing vulnerablities. - CO FOUNDER, PARTNER<50M USDServices (non-Government)Review Source
Veracode Offers Strong SCA Features But Faces Criticism For Cloud-Only Approach
Veracode is a mature appsec testing platform with good SCA capabilities - IT Services Associate50M-1B USDIT ServicesReview Source
Amazing Product
Amazing product. Loved the working principle and interface and also the way of testing and the results that it produced.