Rough start, but smooth sailing after
October 01, 2020
Rough start, but smooth sailing after
Score 8 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
- Software Composition Analysis (SCA)
Overall Satisfaction with Veracode
Several of our lines of business are using Veracode to scan our various project codebases for vulnerabilities or potential security holes. We also scan our 3rd-party static libraries and freeware to make sure that code is compliant. In my department, we scan our server code as well as our mobile client code.
- Veracode quickly finds common code issues,
- Veracode makes it easy to turn issues into Jira tickets.
- Veracode integrates well with our CI/CD workflow.
- Getting our iOS app set up to use Veracode took a lot of time and working with their support team to get our app to scan properly.
- You need to make a special build target and then use Veracode's standalone app to package your iOS app for scanning.
- Integration with Xcode would be ideal.
- I feel safer knowing my code is secure.
We didn't really test any other products. Our IT department was using Black Duck before, but by the time we started doing scans on our codebase, they had decided on Veracode.
Do you think Veracode delivers good value for the price?
Not sure
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
I wasn't involved with the implementation phase
Would you buy Veracode again?
Yes