Veracode

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Veracode
Score 8.7 out of 10
Mid-Size Companies (51-1,000 employees)
Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.N/A
Pricing
Veracode
Editions & Modules
No answers on this topic
Offerings
Pricing Offerings
Veracode
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level Setup FeeNo setup fee
Additional DetailsDeveloper pricing options available
More Pricing Information
Community Pulse
Veracode
Considered Both Products
Veracode
Chose Veracode
Veracode is slower with scan results however the flaws discovered and sites crawled are almost the same. Rapid7 InsightAppSec only does dynamic scans. Veracode did find more links on a site crawl. Rapid7 InsightAppSec has more out of the box reports than Veracode. Both …
Chose Veracode
Veracode is easier to integrate and faster than FOSSA although Mend has more visual features
Chose Veracode
SonarQube is faster and can be free, but the security scanning capabilities are a joke compared to Veracode.
Unlike SonarQube, Veracode goes deeper into finding a very wide variety of vulnerabilities and best practices that should be applied to software and provides reporting …
Chose Veracode
Veracode has been longer on the market and has build the good reputation. We appreciate that they constantly improving the quality of their software and adding new features.
Chose Veracode
Reduced false positives, developers can identify vulnerabilities at early stage -shift left process. The security labs help developers.
Chose Veracode
Veracode is more thorough and provides a wider variety of tools than the competition. Support is prompt and very eager to make sure we get the help we need as quickly as possible. If Support can't resolve it right away, they will make sure we are connected to one of their …
Chose Veracode
Veracode stands out as the best of breed for all types of AppSec scanners.
Chose Veracode
Veracode was brought in to supplement services previously provided by other vendors. As our org recently acquired another organization, we identified Veracode as a 'go-forward' system needed to consolidate security tooling in the organization.
Chose Veracode
Mend.IO formerly WhiteSource software is a product we used prior to Vericode. It did not have all of the capabilities or depth of Vericode. Additionally, Whitesource did not offer automatic scanning as part of their product and there was no Certification program to speak of.
Chose Veracode
My experience with Veracode has been the most productive since I started working with enterprise security monitoring systems. The application has efficient set of coding tools that is not available in other software development systems. It has modern data management tools that …
Chose Veracode
We used Accunetix as well mainly for web site security testing. We used Veracode for code and third party analysis.
Chose Veracode
Sonar cube was quicker, but not as thorough. Both integrated into our CI/CD pipeline, however the integration for Veracode is more straight forward.
Chose Veracode
Veracode is much better at uncovering security weaknesses and providing information and consulting. I use Veracode because our company decided for.
Chose Veracode
The maturity of the Veracode and the continuous improvements in its products it's one of the principal characteristics of chosee it, Veracode it's a SaaS platform and was born in the cloud, so this is a great option for our clients to be quick to implement also the easy of …
Chose Veracode
Checkmarx and Veracode have a few common points and some features which are different. Checkmarx UI is more user-friendly, but the level of detailing in Veracode reports is better. Veracode is a good choice for static analysis of code. if the user interface can be made smoother …
Chose Veracode
As the developer, not the business stakeholder, I did not select Veracode specifically. However, after using the application I believe it was the right choice. Veracode is thorough in its analyses, in its database of flaws, in its methodology of uncovering vulnerabilities, and …
Chose Veracode
One Stop solution for security evaluation. Others were not so accurate and covering all the scenarios we were looking to plug.
Chose Veracode
Veracode is the clear choice. We evaluated the other products, but none compared to Veracode as an industry standard.
Chose Veracode
During the course of our using Veracode, we still do evaluate other platforms to see what they offer, and how they compare to Veracode. I do most of the evaluations myself, and I still come back to Veracode as being the overall best platform. Most every platform, for better …
Top Pros
Top Cons
Best Alternatives
Veracode
Small Businesses
GitLab
GitLab
Score 8.8 out of 10
Medium-sized Companies
GitLab
GitLab
Score 8.8 out of 10
Enterprises
GitLab
GitLab
Score 8.8 out of 10
All AlternativesView all alternatives
User Ratings
Veracode
Likelihood to Recommend
9.5
(128 ratings)
Likelihood to Renew
8.2
(7 ratings)
Usability
7.3
(27 ratings)
Availability
9.1
(1 ratings)
Performance
6.4
(1 ratings)
Support Rating
7.9
(66 ratings)
Implementation Rating
7.3
(2 ratings)
Configurability
6.4
(1 ratings)
Ease of integration
5.5
(1 ratings)
Product Scalability
7.3
(1 ratings)
Vendor post-sale
8.9
(2 ratings)
Vendor pre-sale
8.2
(1 ratings)
User Testimonials
Veracode
Likelihood to Recommend
Veracode
Veracode is good at identifying flaws that does not adhere to the OWASP top 10 security controls. Therefore, a Junior developer could produce code and flaws will be caught. There is also the software composition analysis that provided a view into third-party dependencies. Veracode may not be suited in cases where you need to have your scan results in a short amount of time.
Read full review
Pros
Veracode
  • Veracode's static code analysis platform provides in-depth information as well as very useful suggestions regarding mitigation for flaws it discovers. This is very helpful in assisting developers towards a speedy and complete mitigation.
  • Veracode does well to keep connected with their customers, ensuring the success of their customers on their platform is evidently one of their goals which they hold highly. This responsiveness continues into their technical support which is both helpful and fast to respond.
  • Veracode continues to update their platforms, their capabilities, and their research often; the promise of continuous improvement from all facets provides value to us as an organization.
Read full review
Cons
Veracode
  • MPT Results should be segmented from DAST/SAST results.
  • MPT Reports should include more information on scoping and testing dates as generally provided by accounting firms conducting similar tests.
  • Vulnerability readouts should not be so hidden in the platform (It shouldn't take as many clicks to get to and view).
Read full review
Likelihood to Renew
Veracode
At this time, and we just renewed a month ago, I dont see any products out there overall that can offer what Veracode does. Yes, its not cheap by any means, but for the money its the best application security scanning tool out there.
Read full review
Usability
Veracode
- Almost no setup required and easy to configure - Very easy to use, intuitive UI with integrated analytics and learning portals. - Seamless to review the results, triage them, generate reports. - Security progression of the product/application is tracked via successive scans. - Privileges/Roles nicely fine grained and tightly controlled to let teams "view" only their products.
Read full review
Reliability and Availability
Veracode
Veracode has always been up and available to us.
Read full review
Performance
Veracode
At this point, it runs well and mostly in a timely fashion. Dynamic scans take days but this may be a config issue still to be resolved.
Read full review
Support Rating
Veracode
Overall, Veracode support is helpful, community support is great, and documentation is available for self-service. Our Customer Success Manager is very helpful and reaches out regularly to see if we need assistance. We have not utilized many of the other resources offered by Veracode, however, in the future we would like to leverage secure coding training for our Development teams.
Read full review
Implementation Rating
Veracode
We use it as a SAS service, so really just getting our teams to mold the use of Veracode into their SDLC has been a process of years in the making. It comes down to what your teams are ready and willing to accept and change. Management is key in getting their groups on board with using it regularly. If it doesnt have management backing, your security teams have little to no influence in getting this process off the ground fully.
Read full review
Alternatives Considered
Veracode
Mend.IO formerly WhiteSource software is a product we used prior to Vericode. It did not have all of the capabilities or depth of Vericode. Additionally, Whitesource did not offer automatic scanning as part of their product and there was no Certification program to speak of.
Read full review
Scalability
Veracode
It meets our needs.
Read full review
Return on Investment
Veracode
  • Developers are now realizing that security is there to help them, not just the people saying NO.
  • When setting up Veracode integrations we found that Devs really like their IDEs and Repos. It's like a personal choice. However, as a company, it was unwieldy without devoting people to Veracode integrations to have so many so we had to slime the available IDEs to 3 and Repos to 3, just to be able to set up and maintain the integrations.
  • Veracode is paying for itself (though through a different cost category). Our Development costs are going down and releases are getting quicker and more agile.
Read full review
ScreenShots

Veracode Screenshots

Screenshot of the Veracode Platform HomepageScreenshot of Static Analysis ScansScreenshot of Findings Status and History DashboardScreenshot of the Veracode Platform