Overall Satisfaction with Veracode
I used Veracode for various applications in [the] organization, and I am able to identify and resolve many code vulnerabilities with the help of Veracode. Initially, I started with the .net application and now organization is planning to work on scanning angular apps and now I am exploring it, Plugins provided by Veracode are also really useful to analyze problems at the time of development.
- helps us to find out issues in code, majorly sql injections and untrusted initialization
- Support is really very helpful
- Plug-ins are helpful
- Easy to integrate in CI/CD pipeline
- Easy to use in IDE
- Sometime it's hard to resolve problems, the way Veracode expected
- Not able to find support videos/links for full project scans of other languages, the way they are available for .net
- It builds confidence in clients that application is full for security, validated by Veracode
After doing more and more research we observed it as the best solution for identifying problems in our code.
Do you think Veracode delivers good value for the price?
Are you happy with Veracode's feature set?
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
Would you buy Veracode again?
I think this is the best tool to identify problems in code and this also helps to reduce flaws in code which really makes the application robust and the client also feels confident while using it. But scan actually takes longer time than expected and many times it's not telling us the proper reason of why it is failing while uploading file during scan.