Great SAST solution for DevSecOps Pipeline
October 23, 2020

Great SAST solution for DevSecOps Pipeline

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)

Overall Satisfaction with Veracode

My client uses Veracode for scanning code. It is used to verify that Java, NodeJS, & Python micro-services as part of CI/CD Pipeline (Bamboo, Jenkins, & Gitlab CI). Veracode is constantly run throughout internal applications source code to ensure the security hygiene of the code.
  • The newly launched Veracode pipeline scan is pretty awesome. It’s quick & synchronous pipeline friendly.
  • Veracode has a selection of workflows, documentation, and integration tools that make it useful for keeping all of my teammates on the same page.
  • Veracode is very user-friendly. Its UI is organized and keeps all the different scans we have set-up in a very clean visual.
  • Fewer false positives
  • Veracode could improve on language-specific recommendation, e.g., you scan Python source code and get remediation instruction on Java language.
  • Veracode price is in the high range. I believe with all its competition; the pricing could be a little better.
  • 30% reduction in vulnerability remediation efforts
  • Veracode helped us meet Industry standards and made security an integral part of our XL release cycle.
Account managers, Solution Architect, Pre-sales team are extremely helpful, always ready to assist with any issues we have.
It is a pretty easy-to-use solution for security nerds, developers, and product managers.

Do you think Veracode delivers good value for the price?

Not sure

Are you happy with Veracode's feature set?


Did Veracode live up to sales and marketing promises?


Did implementation of Veracode go as expected?


Would you buy Veracode again?


Snyk, Qualys Container Security (CS)
Veracode is a great tool for DevSecOps Pipeline. Veracode SA has helped us to architect wrapper, which can be consumed across various CI (Bamboo, gitlab, Jenkins) tools.