Ease of use for the win!
October 01, 2020

Ease of use for the win!

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)
  • Software Composition Analysis (SCA)

Overall Satisfaction with Veracode

We develop various software products. Veracode is currently being used only for one product. It's our flagship product, and the others are in development so eventually, we plan to add them to the Veracode tool. Currently, Veracode is only used by me. After the developers produce a build, I run Veracode analysis and it's ready for customers that request it. We have still a long road to implementing it in CI/CD, and on other products. We are not there yet.
  • Static analysis
  • Almost no false positives
  • Very easy to use (cloud)
  • Recurring false positives
  • Summary report can show more summarized information
  • Faster results--sometimes results take several hours
  • very positive ROI
  • one customer paid for it and we can use when requested by other customers
Veracode had better pricing than most of them, and much easier deployment (SaaS) so we don't need to worry about hardware. Even with the only cloud option that was not ideal for us, we embraced it. Also, it supports the technology we are using .NET C# and it works great for us.
I had some experience with them and they were not able to help me much. The issue was with a false positive and how to mitigate the specific issue by changing our code or with a flag to be just false positive. Actually last emails I sent didn't even get a response... so that's not great, but luckily we figured it out ourselves.
The Veracode app is very easy to use. They have a very well documented help system that guides you to use the product efficiently. They also have training programs to help you integrate Veracode across the organization. We are not there yet, but I have seen some of the videos and they are really helpful.

Do you think Veracode delivers good value for the price?


Are you happy with Veracode's feature set?


Did Veracode live up to sales and marketing promises?


Did implementation of Veracode go as expected?


Would you buy Veracode again?


I think Veracode is very well suited for its ease of use. You just compile your code, create a zip file, and upload. It handles everything thanks to the cloud SaaS approach. The integration with all developer tools, CI/CD, etc. is great.

I think it's not appropriate if you want on-premises analysis for whatever reason. They don't offer this option.