My experience with Veracode
August 06, 2020

My experience with Veracode

Anonymous | TrustRadius Reviewer
Score 5 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)
  • Software Composition Analysis (SCA)

Overall Satisfaction with Veracode

Veracode was used to identify possible security issues using static code analysis.

Pros

  • It's a robust analysis that looks at all of the code submitted.
  • Veracode is current on the latest CVE issues.

Cons

  • The report is hard to work with and requires mouseovers to get at critical information.
  • Exporting the report leaves out critical information.
  • There were many false positives reported.
  • The UI for marking remediations is convoluted and difficult.
  • The process for uploading code is difficult and poorly documented.
  • It helped identify weaknesses, as expected.
We had a client that insisted on the use of Veracode.
When I made support calls, I was able to get to have a good conversation with a competent engineer.

Do you think Veracode delivers good value for the price?

No

Are you happy with Veracode's feature set?

No

Did Veracode live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Veracode go as expected?

Yes

Would you buy Veracode again?

No

It does a good job of searching the entire code against all known CVE issues. However, users may be better served by incorporating open source tools instead, to do static code analysis.

Comments

  • Colleen Reidy | TrustRadius Reviewer
    Thank you for your feedback. We take customer satisfaction seriously and want to make sure we continue to improve. We have shared this feedback with our product management and user experience teams.

More Reviews of Veracode