Veracode Review
October 16, 2020
Veracode Review
Score 10 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
- Software Composition Analysis (SCA)
- Dynamic Analysis (DAST)
- Penetration Testing
- Developer Training
Overall Satisfaction with Veracode
Veracode is used in my company as an Enterprise Security Partner. Currently, we focus on SAST & SCA, but we have experience with Veracode on DAST and MPT as well. I have used Veracode earlier also at one of my previous engagements in a Fortune 500 company. I am really satisfied with Veracode.
- Veracode supports enterprise-level security solutions
- Veracode scanning is very high in accuracy and feels 0FPs especially on java binaries, as per my experience, so far.
- Veracode training is very practical and it points to the specific OWASP issue, easy to understand
- It is very much up-to-date.
- Veracode site sometimes feels a bit slow, maybe my expectation of website performance is too high
- In customized reports, although the user unchecks Dynamic & MPT, in the report the counts still get displayed.
- Veracode pricing is not openly displayed anywhere.
- No trial versions for security/penetration testers
- No community version, even with fewer features
- Veracode ROI is very high.
- Veracode supports security left-shift well.
- Veracode is well supported for Secure Development Life Cycle.
- Overall with regard to Secure Applications, Veracode removes all the burdens of security and guides us very proactively toward our business objectives.
Veracode speaks on very practical, actual security issues rather than thousands of code quality issues.
Do you think Veracode delivers good value for the price?
Yes
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
Yes
Did implementation of Veracode go as expected?
Yes
Would you buy Veracode again?
Yes