Skip to main content
TrustRadius
Veracode

Veracode

Overview

What is Veracode?

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Read more

Learn from top reviewers

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Video Reviews

1 video

Veracode Review: Provides Helpful Support When Troubleshooting Security Needs
02:38
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Veracode?

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

1078 people also want pricing

Alternatives Pricing

What is SonarQube Server?

SonarQube is a code quality and vulnerability solution for development teams that integrates with CI/CD pipelines to ensure the software you produce is secure, reliable, and maintainable.

What is Indusface WAS?

Indusface Web Application Scanner provides an application security audit to detect a range of high-risk Vulnerabilities, Malware, and Critical CVEs.

Return to navigation

Product Details

What is Veracode?

The Veracode Platform provides a comprehensive approach to build and secure software and meet application risk management requirements through tools, solutions, AI-generated fixes and ASPM capabilities to gain visibility into vulnerabilities from code to cloud and quickly remediate them.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Veracode Screenshots

Screenshot of the Veracode Platform HomepageScreenshot of Static Analysis ScansScreenshot of Findings Status and History DashboardScreenshot of the Veracode Platform

Veracode Videos

Veracode Static Analysis Demo
Veracode Software Composition Analysis Demo
Veracode Dynamic Analysis Demo

Watch The Veracode Platform

Watch Manhattan Associates Success Story

Veracode Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesNorth America, EMEA, APAC, LATAM
Supported LanguagesJava, .NET, PHP, Android, iOS, JavaScript, Python

Frequently Asked Questions

Veracode is a software security firm that identifies flaws and vulnerabilities across the software development lifecycle. Veracode’s Software Security Platform uses advanced AI algorithms trained on vast datasets of code, for more precise identification and rectification of security flaws.

Checkmarx, Snyk, and SonarQube Server are common alternatives for Veracode.

Reviewers rate Implementation Rating highest, with a score of 9.1.

The most common users of Veracode are from Enterprises (1,001+ employees).

Veracode Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)18%
Mid-Size Companies (51-500 employees)65%
Enterprises (more than 500 employees)17%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

(1-5 of 138)

Comprehensive Review of Veracode for Enhancing Security Strategies.

Rating: 8 out of 10
December 20, 2024
AB
Vetted Review
Verified User
Veracode
1 year of experience
We are using Veracode as a core part of our software development lifecycle so that we can ensure some robust application security. Addressing critical business problems on time, such as recognizing vulnerabilities early in the process, ensuring compliance with security standards throughout, and mitigating all the risks associated with the third-party dependencies, were very important to us and our CI/CD pipelines and our development environment and testing workflows. This enables our development and security teams to identify and address issues in a timely manner, prioritize critical threats, and prevent potential breaches in ensuring a secure and compliant codebase for all of our applications.

My experience with Veracode

Rating: 7 out of 10
September 17, 2024
NG
Vetted Review
Verified User
Veracode
5 years of experience
* We run static scans on a regular basis (integrated in our continuous integration) on all our major branches.
* We review the Software Composition Analysis and the "Triage flaws" section on a regular basis (minimum every week).
* We run a dynamic scan before each major version release.
* Our goal is to fix all the Very high/high/medium vulnerabilities this year. We'll then look at the minor ones.

My experience using Veracode tool

Rating: 9 out of 10
November 18, 2024
SB
Vetted Review
Verified User
Veracode
3 years of experience
I have been using Veracode for nearly 2 years, we are using its SAST and DAST features. Previously there was no source code validation in our software development life cycle. We used this tool to shift the security to left, and tried to make the process as automate as possible. The best use case of this tool is that it can be fit anywhere with flexible plugins at different stages of SDLC. Even the support is very good and co-operative.

Good SaaS service for finding security vulnerabilities in code.

Rating: 9 out of 10
September 25, 2024
Vetted Review
Verified User
Veracode
1 year of experience
In my organization, Veracode is used as an enterprise mandate to scan any application or service built by the development teams before deploying it into higher or pre-production/testing environments. After the scans, the security team reviews the results to mitigate or fix the vulnerabilities found by Veracode static and dynamic scans following the recommendations provided by the tool, sometimes like upgrading a third-party library to a newer version through SCA.

One-stop SDLC Security

Rating: 10 out of 10
December 19, 2024
Vetted Review
Verified User
Veracode
1 year of experience
We use Veracode as part of our SDLC, to provide for our SAST, DAST and SCA
Return to navigation