Skip to main content
TrustRadius
Veracode

Veracode

Overview

What is Veracode?

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Read more

Learn from top reviewers

One-stop SDLC Security

Rating: 10 out of 10
December 19, 2024
IncentivizedVetted ReviewVerified User
We use Veracode as part of our SDLC, to provide for our SAST, DAST and SCA
Continue reading
Verified user
Manager
Veracode1 year of experience

Superior code scanning enabling faster and more secure code.

Rating: 9 out of 10
December 14, 2024
IncentivizedVetted ReviewVerified User
We use Veracode to perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA) scans against our code, repositories, and CI/CD pipelines for cod...
Continue reading
Verified user
Director
Veracode4 years of experience

My experience using Veracode tool

Rating: 9 out of 10
November 18, 2024
Vetted ReviewVerified User
I have been using Veracode for nearly 2 years, we are using its SAST and DAST features. Previously there was no source code validation in our software development life cycle. ...
Continue reading
Sairam Bathini
Team Lead - Information Technology
DevSecOps Engineer
DesIdea Software Technologies
Veracode3 years of experience

Good SaaS service for finding security vulnerabilities in code.

Rating: 9 out of 10
September 25, 2024
IncentivizedVetted ReviewVerified User
In my organization, Veracode is used as an enterprise mandate to scan any application or service built by the development teams before deploying it into higher or pre-producti...
Continue reading
Verified user
Team Lead
Veracode1 year of experience

My experience with Veracode

Rating: 7 out of 10
September 17, 2024
IncentivizedVetted ReviewVerified User
* We run static scans on a regular basis (integrated in our continuous integration) on all our major branches. * We review the Software Composition Analysis and the "Triage fl...
Continue reading
Nicolas Garcin
Engineer - Research & Development
R&D manager
Neoxam
Veracode5 years of experience
Log in with LinkedIn to see content from your network

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Video Reviews

1 video

View Playlist
Veracode Review: Provides Helpful Support When Troubleshooting Security Needs
02:38
Return to navigation

Pricing

View all pricing
Veracode

Veracode

N/A
Unavailable

What is Veracode?

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

1090 people also want pricing

Alternatives Pricing

SonarQube Server

SonarQube Server

$160
per year per installation
What is SonarQube Server?

SonarQube is a code quality and vulnerability solution for development teams that integrates with CI/CD pipelines to ensure the software you produce is secure, reliable, and maintainable.

Indusface WAS

Indusface WAS

$59
per month
What is Indusface WAS?

Indusface Web Application Scanner provides an application security audit to detect a range of high-risk Vulnerabilities, Malware, and Critical CVEs.

Return to navigation

Product Details

What is Veracode?

The Veracode Platform provides a comprehensive approach to build and secure software and meet application risk management requirements through tools, solutions, AI-generated fixes and ASPM capabilities to gain visibility into vulnerabilities from code to cloud and quickly remediate them.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Veracode Screenshots

Screenshot of the Veracode Platform HomepageScreenshot of Static Analysis ScansScreenshot of Findings Status and History DashboardScreenshot of the Veracode Platform

Veracode Videos

Veracode Static Analysis Demo
Veracode Software Composition Analysis Demo
Veracode Dynamic Analysis Demo

Watch The Veracode Platform

Watch Manhattan Associates Success Story

Veracode Integrations

Veracode Competitors

Veracode Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesNorth America, EMEA, APAC, LATAM
Supported LanguagesJava, .NET, PHP, Android, iOS, JavaScript, Python

Veracode Downloadables

Frequently Asked Questions

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Checkmarx, Snyk, and SonarQube Server are common alternatives for Veracode.

Reviewers rate Implementation Rating highest, with a score of 9.1.

The most common users of Veracode are from Enterprises (1,001+ employees).

Veracode Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)18%
Mid-Size Companies (51-500 employees)65%
Enterprises (more than 500 employees)17%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

View all reviews
(1-5 of 137)

My experience using Veracode tool

Rating: 9 out of 10
November 18, 2024
SB
Sairam Bathini
DevSecOps Engineer
DesIdea Software Technologies (Information Technology & Services, 51-200 employees)
Vetted Review
Verified User
Veracode
3 years of experience
View profile
Likelihood to Recommend
It is best suited for the Agile model projects, where business will have the continuous releases of their products. Other than that I can't comment on the scenario where it is less appropriate as I need to experience it more.

One-stop SDLC Security

Rating: 10 out of 10
Incentivized
December 19, 2024
Verified User
Manager in Information Technology
Insurance Company, 11-50 employees
Vetted Review
Verified User
Veracode
1 year of experience
Likelihood to Recommend
Veracode might be less appropriate for small companies, which need the functionality but can’t afford it (yet)

Superior code scanning enabling faster and more secure code.

Rating: 9 out of 10
Incentivized
December 14, 2024
Verified User
Director in Information Technology
Computer Software Company, 51-200 employees
Vetted Review
Verified User
Veracode
4 years of experience
Likelihood to Recommend
Veracode has robust coverage of supported programming languages. We faced an issue with a competitor product where we could not scan compiled javascript (jar) files. Veracode is able to scan jar files no problem in addition to many other languages.

My experience with Veracode

Rating: 7 out of 10
Incentivized
September 17, 2024
NG
Nicolas Garcin
R&D manager
Neoxam (Information Technology & Services, 501-1000 employees)
Vetted Review
Verified User
Veracode
5 years of experience
View profile
Likelihood to Recommend
* (+) Report generation for our clients: reports are very comprehensive and look professional.
* (-) Veracode pipeline scan: takes too much time, need to split our application so that it can fit within the timeout (2h). Currently we're not able to use it, we still use "upload & scan" functionality in our CI pipelines. This is a showstopper to be able to break the build in case of new vuln, and also to use Fix AI based tool.

Good SaaS service for finding security vulnerabilities in code.

Rating: 9 out of 10
Incentivized
September 25, 2024
Verified User
Team Lead in Information Technology
Airlines/Aviation Company, 5001-10,000 employees
Vetted Review
Verified User
Veracode
1 year of experience
Likelihood to Recommend
Veracode is well suited for development applications that can be made more secure right from the beginning. There is an excellent extension in Visual Studio that scans code from the IDE. However, it is less appropriate or incompatible with scanning SOAP or WSDL APIs. It supports only REST APIs.
Return to navigation