Veracode scan to find vulnerabilities before release
February 01, 2022

Veracode scan to find vulnerabilities before release

Prakash Patel | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Modules Used

  • Static Analysis (SAST)

Overall Satisfaction with Veracode

We are providing software to customers. We are using Veracode to scan .NET source code time to time to detect any vulnerabilities. Then we will fix them and report can be provided to customer if customer request code scan report. So generally we are using Veracode to scan source code and detect any problem.

Pros

  • Engine is updated time to time to add more flaws
  • Scanning process is easy to use
  • Scanning notifications are sent to track whole scanning process

Cons

  • Taking bit more time for static scan
  • Some flaws are false positive and we should have option to flag as false positive so next time they won't appear on report
  • Static Scan
  • Scan during build
  • We can find vulnerabilities before releasing to customer so positive impact of product to customer
  • Secure product release
  • Learn secure software development techniques
It is company's higher authorities' decision to use Veracode over other products

Do you think Veracode delivers good value for the price?

Not sure

Are you happy with Veracode's feature set?

Yes

Did Veracode live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Veracode go as expected?

Yes

Would you buy Veracode again?

Yes

  • When you need static scan for coding to find vulnerabilities
  • When you want source code scan during build process
  • Even you can do source code scanning in Visual Studio using plug-in
  • When you need to find vulnerabilities before releasing to customer

Comments

More Reviews of Veracode

  1. Home
  2. Application Security Tools
  3. Veracode Reviews
  4. User Review of Veracode