Good product and good APIs, UI could improve
September 03, 2020

Good product and good APIs, UI could improve

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)

Overall Satisfaction with Veracode

It is been used across the whole organization--the same product, but different components/modules. Teams need to fix the security issues to improve the security of the product, for this there are weekly scans and the related reports are checked to monitor progress. The new issues are added to the backlog on Jira.
  • Reports are well detailed.
  • The recommended solutions are sometimes useful to easily fix the issue.
  • Libraries report is very useful.
  • The UI isn't well designed, not user friendly.
  • Navigation as well
  • I found issues sometimes, comparing the scans from the current to the previous.
  • The limitation on the number of sandboxes should have been communicated earlier, and at least provided a solution or a backup system.
  • Increasing the security of a product means increase the quality and the reputation.
  • UI could be improved because I waste time to navigate between the scans and sometimes the teams need a support because it isn't intuitive.
  • A better Integration with Jira would be helpful.
Acunetix was too difficult to set up and some features were useless for our product. The results weren't clear, so definitely Veracode is better than Acunetix. We use WhiteSource because the level of detail is much better than Veracode. We didn't choose Veracode over them but we already had Veracode as per some clients' recommendations.
The support is very good and fast to respond. I feel very supported and they always find the right solution or help me to investigate an issue with great professionalism.

Do you think Veracode delivers good value for the price?

Yes

Are you happy with Veracode's feature set?

Yes

Did Veracode live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Veracode go as expected?

Yes

Would you buy Veracode again?

Yes

I think that Veracode is suitable for most scenarios. The APIs are easy to use, a Jenkins 2 plugin would be appreciated. The java wrapper repository doesn't have the "latest" option to automate the update of the wrapper. It would be useful for a better automation process. Maybe the integration with Jira is to improve and also the analysis of false positives.