What users are saying about
1 Rating
<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener'>Customer Verified: Read more.</a>
Top Rated
174 Ratings
1 Rating
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 5 out of 100

Veracode

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener'>Customer Verified: Read more.</a>
Top Rated
174 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100

Attribute Ratings

  • FOSSA is rated higher in 1 area: Support Rating
  • Veracode is rated higher in 1 area: Likelihood to Recommend

Likelihood to Recommend

5.0

FOSSA

50%
1 Rating
8.9

Veracode

89%
115 Ratings

Likelihood to Renew

FOSSA

N/A
0 Ratings
8.1

Veracode

81%
4 Ratings

Usability

FOSSA

N/A
0 Ratings
7.5

Veracode

75%
26 Ratings

Availability

FOSSA

N/A
0 Ratings
9.1

Veracode

91%
1 Rating

Performance

FOSSA

N/A
0 Ratings
6.4

Veracode

64%
1 Rating

Support Rating

10.0

FOSSA

100%
2 Ratings
7.9

Veracode

79%
59 Ratings

Implementation Rating

FOSSA

N/A
0 Ratings
7.3

Veracode

73%
2 Ratings

Configurability

FOSSA

N/A
0 Ratings
6.4

Veracode

64%
1 Rating

Ease of integration

FOSSA

N/A
0 Ratings
5.5

Veracode

55%
1 Rating

Product Scalability

FOSSA

N/A
0 Ratings
7.3

Veracode

73%
1 Rating

Vendor post-sale

FOSSA

N/A
0 Ratings
6.0

Veracode

60%
2 Ratings

Vendor pre-sale

FOSSA

N/A
0 Ratings
8.2

Veracode

82%
1 Rating

Likelihood to Recommend

FOSSA

The only issue we have had is sometimes the web app is too slow, and that causes issues with us wanting to continue to use FOSSA over going with another tool. That is the only problem. I noticed it happened more recently, but if that is solved now or will be solved, I would 100% recommend this tool to anyone!
Read full review

Veracode

I think that Veracode is a good basic code scan in order to ensure code security. It is super easy to integrate into CI-CD processes and offers good protection against common code vulnerabilities. It is less appropriate to consider it as the ONLY security consideration for your application.
Read full review

Pros

FOSSA

  • Setup of tool.
  • Speed of scans.
  • Automated emails with reports.
Read full review

Veracode

  • The pipeline scan is a very fast way to scan code and inform developers if a new flaw is introduced by their pull requests.
  • Upload & Scan provides an in-depth analysis of the codebase, which features like reporting being made easy.
  • SCA Scans help us not only identify the vulnerabilities but also in helping fix them and in identifying if our application is using that part of the vulnerable library or not.
  • Veracode is very easy to integrate into the CI/CD pipelines (especially Jenkins)
Read full review

Cons

FOSSA

  • Interface for loading results can be slow, this is the #1 issue we have faced.
  • Speed of scans could be improved.
Read full review

Veracode

  • Build a ticket management screen into the platform
  • Easier integrations to SSO/SAML
  • A different method of having API users, they should be either integrated into the team (an API key as part of the team) or at least separate from the regular user area.
Read full review

Pricing Details

FOSSA

Starting Price

Editions & Modules

FOSSA editions and modules pricing
EditionModules

Footnotes

    Offerings

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services

    Entry-level set up fee?

    No setup fee

    Additional Details

    Veracode

    Starting Price

    Editions & Modules

    Veracode editions and modules pricing
    EditionModules

    Footnotes

      Offerings

      Free Trial
      Free/Freemium Version
      Premium Consulting/Integration Services

      Entry-level set up fee?

      No setup fee

      Additional Details

      Developer pricing options available

      Pricing Info

      Likelihood to Renew

      FOSSA

      No answers on this topic

      Veracode

      At this time, and we just renewed a month ago, I dont see any products out there overall that can offer what Veracode does. Yes, its not cheap by any means, but for the money its the best application security scanning tool out there.
      Read full review

      Usability

      FOSSA

      No answers on this topic

      Veracode

      - Almost no setup required and easy to configure - Very easy to use, intuitive UI with integrated analytics and learning portals. - Seamless to review the results, triage them, generate reports. - Security progression of the product/application is tracked via successive scans. - Privileges/Roles nicely fine grained and tightly controlled to let teams "view" only their products.
      Read full review

      Reliability and Availability

      FOSSA

      No answers on this topic

      Veracode

      Veracode has always been up and available to us.
      Read full review

      Performance

      FOSSA

      No answers on this topic

      Veracode

      At this point, it runs well and mostly in a timely fashion. Dynamic scans take days but this may be a config issue still to be resolved.
      Read full review

      Support Rating

      FOSSA

      Never needed support but the chat and help seem forefront of the app!
      Read full review

      Veracode

      Secure code training it's a great option to enable developers in the security world, it's a dynamic platform that helps to understand the vulnerabilities and how to fix them in a real environment, and the documentation contains all the information you need to understand all the functions of the Veracode platform.
      Read full review

      Implementation Rating

      FOSSA

      No answers on this topic

      Veracode

      We use it as a SAS service, so really just getting our teams to mold the use of Veracode into their SDLC has been a process of years in the making. It comes down to what your teams are ready and willing to accept and change. Management is key in getting their groups on board with using it regularly. If it doesnt have management backing, your security teams have little to no influence in getting this process off the ground fully.
      Read full review

      Alternatives Considered

      FOSSA

      BlackDuck and Synk
      Read full review

      Veracode

      I have used SonarQube for code quality and security analysis in the past, but Veracode's Software Composition Analysis analysis makes a big difference in terms of identifying vulnerabilities in dependencies. It would make it a lot easier if the IDE plugin could show the transitive dependency the introduces the vulnerabilities. I'm very pleased [in] Veracode reporting so far.
      Read full review

      Scalability

      FOSSA

      No answers on this topic

      Veracode

      It meets our needs.
      Read full review

      Return on Investment

      FOSSA

      • Hard to measure the ROI, but no doubt having licenses be above board is fantastic for protection of your software.
      • Caused developers to make more informed decisions.
      Read full review

      Veracode

      • Veracode's tools can perform in a couple of hours what would take us weeks to do.
      • Our customers--rightfully--expect a high degree of security from us.
      • It's easy to integrate Veracode into a CI pipeline allowing you to catch flaws while the code changes are fresh in your mind.
      Read full review

      Screenshots

      Add comparison