Heathy, bug-free Code brought to you in association with Veracode
September 15, 2022
Heathy, bug-free Code brought to you in association with Veracode
Score 7 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
Overall Satisfaction with Veracode
We use the Static Analysis feature of Veracode to ensure no vulnerabilities are present in our code bases. If a flaw is reported, we consult with the internal team and then set up a Veracode consultation if required for mitigation ideas. After fixing / mitigating the flaw we scan again to check if any further flaws are being reported - if not, we go ahead with the next steps in the project lifecycle.
Pros
- Reporting vulnerabilties
- Static Analysis of code
- Scan all dependencies
Cons
- UI experience could be smoother
- Navigation could be better
- Response time could be optimized
- Safety
- Stability
- Reporting
- No vulnerabilities in Live applications
- Enough time to fix reported flaws
- Static scan done frequently to assess application health
Checkmarx and Veracode have a few common points and some features which are different. Checkmarx UI is more user-friendly, but the level of detailing in Veracode reports is better. Veracode is a good choice for static analysis of code. if the user interface can be made smoother that would definitely help.
Do you think Veracode delivers good value for the price?
Not sure
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
I wasn't involved with the implementation phase
Would you buy Veracode again?
Yes
Comments
Please log in to join the conversation