Sleep Soundly - Use Veracode
October 13, 2020

Sleep Soundly - Use Veracode

Teresa Kosinski | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)
  • Dynamic Analysis (DAST)

Overall Satisfaction with Veracode

Veracode is used across all departments in our organization tasked with creating and/or using software. It helps to ensure that we are up-to-date on the latest security threats, and their consultants help us to quickly resolve any issues we are not able to resolve ourselves. I greatly appreciate that the Veracode platform is incredibly versatile, and helps us get a more holistic view of our security profile. When we first started using it, within minutes it was easy to view where we should focus our fixes. Looking back, this alone was worth every penny.
  • Thorough static scans
  • Quick but deep dynamic scans
  • Detailed reports
  • Excellent consultants
  • Initial user training could be better; it's very confusing at first.
  • More online help
  • Veracode's tools can perform in a couple of hours what would take us weeks to do.
  • Our customers--rightfully--expect a high degree of security from us.
  • It's easy to integrate Veracode into a CI pipeline allowing you to catch flaws while the code changes are fresh in your mind.
Veracode is more thorough and provides a wider variety of tools than the competition. Support is prompt and very eager to make sure we get the help we need as quickly as possible. If Support can't resolve it right away, they will make sure we are connected to one of their consultants. The consultants are awesome.
Veracode Support has been great. Any time I have had a question, they have responded in a prompt manner. I'd say nine out of ten times they are able to resolve any issues that have come up with a short email exchange. For issues requiring a bit more investigation, their consultants are tops.
Once you become accustomed to using Veracode, you will more thoroughly understand the many ways in which you can use their tools. My only complaint is that it can be a bit daunting for new users of the platform. Perhaps some "Introduction to Veracode Tools" would be helpful for new users.

Do you think Veracode delivers good value for the price?


Are you happy with Veracode's feature set?


Did Veracode live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Veracode go as expected?

I wasn't involved with the implementation phase

Would you buy Veracode again?


Veracode is great for deep scans of your codebase, as well as performing deep scans against your online application. I have been using it for several years, and it has consistently gotten more and more thorough while vastly improving performance.

Make sure, though, that your language is supported. Veracode supports several, but it doesn't support everything.