Very good SAST tool provider
October 14, 2021
Very good SAST tool provider

Score 9 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
Overall Satisfaction with Veracode
Our company uses the Veracode SAST tool to ensure the code quality. We run it on a weekly basis as part of our CI / CD pipeline. The Veracode tool creates reports, and we check the report. If a report includes high, very high or critical issues - we fix these issues immediately and rerun the
SAST tool.
SAST tool.
Pros
- Great SAST analysis for Java.
- Very professional security consultants.
- Great SAST analysis for Javascripts.
- Easy way to export reports.
Cons
- The platform performance (UI) should be improved. Now each action takes a lot of time.
- The SAST analysis for Angular should be improved.
- The Veracode SAST tool.
- We can send the reports created by the platform to our customers: they are created in a very professional way.
We have evaluated the Veracode DAST tool in 2019. [From my experience] the Veracode DAST tool was in the very initial state and was not ready for enterprise: The main reason is that it was not the automatic solution. It is not good to wait for the manual verifications of the finding and results were not reported automatically by the Veracode DAST tool.
Do you think Veracode delivers good value for the price?
Yes
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
Yes
Did implementation of Veracode go as expected?
Yes
Would you buy Veracode again?
Yes
Comments
Please log in to join the conversation