Veracode, a great security tool for everyone
To be SoC2 and ISO compliant and also to protect our SaaS, we are using this tool to scan every component that we build for SA and SCA.
we …
we …
Overview
What is Veracode?
Veracode is an application security platform that performs five types of analysis; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Veracode offers on-demand expertise and aims to help companies fix security defects.
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
- Veracode continues to update their platforms, their capabilities, and their research often; the promise of continuous improvement from all facets prov...
- We would also like to see Veracode continue to improve their dynamic scan offerings; with the recent addition of DAST Essentials we feel this improvem...
Video Reviews
1 video
Veracode Review: Provides Helpful Support When Troubleshooting Security Needs
02:38
Pricing
N/A
Unavailable
What is Veracode?
Veracode is an application security platform that performs five types of analysis; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Veracode offers on-demand expertise and aims to help companies fix security defects.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
936 people also want pricing
Alternatives Pricing
What is SonarQube?
SonarQube is a code quality and vulnerability solution for development teams that integrates with CI/CD pipelines to ensure the software you produce is secure, reliable, and maintainable.
What is Indusface WAS?
Indusface Web Application Scanner provides an application security audit to detect a range of high-risk Vulnerabilities, Malware, and Critical CVEs.
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is Veracode?
The Veracode platform is a software security solution that aims to be pervasive but not invasive, embedded into the environments that developers work in, with recommended fix and in-context learning. Security teams can use Veracode to manage policy, gain a comprehensive view of an organization's security posture though analytics and reporting, mitigate risks, and produce the evidence necessary to meet regulatory requirements.
It is presented as an always-on, continuous orchestration of secure development that gives organizations the confidence that the software being built is secure and meets compliance requirements.
Veracode Features
- Supported: Continuous Scanning to reduce risks at every phase of development - Veracode Static Analysis, Dynamic Analysis, Software Composition Analysis, and Manual Penetration Test throughout SDLC.
- Supported: Developer Experience - Finds and fixes laws in line with security integration into where developers work, automated remediation guidance, and in-context learning.
- Supported: Comprehensive Platform Experience - Streamlined governance, risk and compliance processes through flexible policy management, unified reporting and analytics, and peer benchmarking to mitigate risks fast and deliver a successful DevSecOpsprogram.
- Supported: Market Expansion - To meet data residency needs in EU with cloud-native instance built in Frankfurt, Germany on AWS.
- Supported: Contextual Platform Data - Fine-tuned with nearly 2 decades of scanning and customer learning. Predicts future vulnerabilities with self-healing capabilities through applying machine learning and artificial intelligence to the data.
- Supported: Cloud-native SaaS Architecture - Provides elastic scalability, high performance, and lower costs with cloud-native SaaS architecture.
Veracode Screenshots
Veracode Videos
Veracode Static Analysis Demo
Veracode Software Composition Analysis Demo
Veracode Dynamic Analysis Demo
Watch The Veracode Platform
Veracode Integrations
Veracode Competitors
Veracode Technical Details
| Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
| Supported Countries | North America, EMEA, APAC, LATAM |
| Supported Languages | Java, .NET, PHP, Android, iOS, JavaScript, Python |
Veracode Downloadables
Frequently Asked Questions
Veracode is an application security platform that performs five types of analysis; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Veracode offers on-demand expertise and aims to help companies fix security defects.
Reviewers rate Support Rating highest, with a score of 8.
The most common users of Veracode are from Enterprises (1,001+ employees).
Veracode Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 18% |
| Mid-Size Companies (51-500 employees) | 65% |
| Enterprises (more than 500 employees) | 17% |
Comparisons
Compare with
Reviews and Ratings
(197)Attribute Ratings
Reviews
(1-7 of 7)Companies can't remove reviews or game the system. Here's why
10
Internally our application security and tools teams provide support to other teams that adopt Veracode.
On the tools team they only need to know the basics about Veracode - how to create and configure new applications, sandboxes, user access. They provide standardization of configuration/operation of the tool.
Our application security team has the most knowledge. They set standards for how teams should be using the tool - when teams should run scans, policies for remediating flaws, reviewing proposed mitigations, tell teams how to patch flaws, ensuring applications are properly scanned. They have deep software security knowledge, and evaluate the effectiveness of our Veracode adoption.
March 03, 2024
Best in Security
5
In our organization its being supported by Application Security Team. Skills needed are proficient in analyzing Veracode scan results, interpreting vulnerabilities, and providing actionable insights for remediation. Involved in incorporating Veracode into the overall security architecture, designing secure systems, and guiding developers in secure coding practices. Conduct training programs to educate developers and other stakeholders on secure coding practices and the importance of Veracode in maintaining a secure development lifecycle.
February 27, 2024
Veracode to the Rescue!
Score 10 out of 10
Vetted Review
Verified User
5
We have a dedicated team of 3 people in India who work directly with the development team in Indonesia and 2 people in the US who support the installation and manage site users.
September 01, 2022
Veracode Stands Tall Among the Leading Application Security Platforms
1
Information security personnel, once an application developer with 25 years in that field. Detail oriented with aptitudes in troubleshooting, and loads of patience working with developers that need lots of guidance.
June 09, 2022
Veracode Meets Our Needs
2
Knowledge in software development and software security is helpful if not required.
February 21, 2022
Why Veracode Can Save You... Money, Time, Security
7
We have 7 People on the Security Architecture Team, with a sub-group of 4 devoted to Application Vulnerability management. The overall group manages the tools, with the subgroup working directly in the app, working with Devs to get their applications into Veracode and explaining any of the vulnerabilities found and suggesting how to fix the found vulnerabilities.
September 01, 2021
Best security coding service
4
Developer and Cibersecurity ( DevSecOps )