Veracode Review
September 03, 2020

Veracode Review

Mauricio Giraldo | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)
  • Software Composition Analysis (SCA)
  • Dynamic Analysis (DAST)
  • Developer Training

Overall Satisfaction with Veracode

We use Veracode across the whole organization. Our policies demand that all public-facing software needs to go through SAST.

Pros

  • SDLC-CI/CD Integration
  • Code flexibility
  • Ease of use
  • Bundled solution (SAST + DAST)

Cons

  • User interface
  • Being able to correlate many dynamic scans to single applications
  • Reporting is very complete, but sometimes too complex.
  • We use Mandiant as our guide for security maturity, and Veracode is helping us to achieve our goals.
  • Less code deployed with potential vulnerabilities means fewer reversals or re-deployments.
  • Shift left (thanks to Veracode) helps to have better products delivered and focus on new solutions instead of fixing bugs.
Veracode is a solution easy to set up and integrate with virtually any pipeline--a single product for three solutions.
The few times we needed to contact support, they helped us and followed-up until the issue was resolved completely.

Do you think Veracode delivers good value for the price?

Yes

Are you happy with Veracode's feature set?

Yes

Did Veracode live up to sales and marketing promises?

Yes

Did implementation of Veracode go as expected?

Yes

Would you buy Veracode again?

Yes

Gitlab, SonarQube, Palo Alto Networks Prisma Public Cloud (formerly Evident.io), Tenable.io, Azure DevOps (formerly VSTS), GitHub, AlienVault USM, Palo Alto Networks AutoFocus, Palo Alto Networks Cortex XDR, Palo Alto Panorama
Veracode is well suited for any company that has software pipelines, companies that need to comply with different regulations and standards.

Comments

More Reviews of Veracode

  1. Home
  2. Application Security Tools
  3. Veracode Reviews
  4. User Review of Veracode