Good security platform, but run trial first.
October 02, 2020

Good security platform, but run trial first.

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)
  • Software Composition Analysis (SCA)
  • Dynamic Analysis (DAST)

Overall Satisfaction with Veracode

We use it to have all our security scanning tools under one platform (DAST, SAST, and SCA). We use it for our main software product. The issue it addresses is keeping all of the security scans under one platform, so it's easy to see at a glance where we stand.
  • SCA - Very simple to run and results are actionable
  • DAST - We are in the process of trying to switch from Acunetix, but have yet to run a successful DAST scan as there are 'technical issues' each time.
  • SAST - While it has been boasted as being fast, it does take quite a while for our codebase to be scanned (roughly 1 day). Otherwise, the results seem OK.
  • Currently, neutral until we get the DAST scanning working well. The pricing model is also very confusing and doesn't make much sense to us.
Veracode is an all-in-one solution, whereas the others have various tools, but not an all-encompassing solution.
They're generally responsive, but haven't been able to figure out our issues yet.
Some products are straightforward to use and 'just work', whereas others are not. The instructions are well documented.

Do you think Veracode delivers good value for the price?

Not sure

Are you happy with Veracode's feature set?


Did Veracode live up to sales and marketing promises?


Did implementation of Veracode go as expected?


Would you buy Veracode again?


If you are a company that has to meet ever-growing security needs and doesn't have a super security-savvy workforce that can do their own analysis and testing, then I would recommend moving forward with Veracode. It does put everything under one umbrella.