Veracode for static and dynamic code analysis
May 08, 2021
Veracode for static and dynamic code analysis
Score 8 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
- Dynamic Analysis (DAST)
Overall Satisfaction with Veracode
Veracode has been defined as the platform for [our] IT security department to guarantee secure software development and testing before moving to production. Veracode provides dynamic and static code analysis to detect vulnerabilities and reduce risks in term of how strong the applications are regardless of their technology. As as SaaS, the platform is ready to start a project and provide capacity to scale based on the ongoing needs.
- Mobile and web code analysis for digital channels.
- Integration with automated pipelines.
- SaaS model with scalable capacity.
- Reports for capacity usage and license are basic.
- Email notifications could be improved for better user experience and provide clear insights.
- Plans for dynamic and static should be separated based on specific needs.
- Static analysis for binary platforms.
- Dynamic analysis for digital channels with continuous changes.
- Integration capacity for continuous deployment.
- Security compliance for audit reasons.
- Risk detection on early stages to reduce development cost.
- Guarantee service over digital channels.
Veracode stands out for trusted community results, vendor relationship, and partner channels to support and provide a close relationship.
Integration capacity is a good point when deciding to integrate with DevOps framework.
Integration capacity is a good point when deciding to integrate with DevOps framework.
Do you think Veracode delivers good value for the price?
Yes
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
Yes
Would you buy Veracode again?
Yes