Veracode helps to improve the security in applications
October 07, 2022

Veracode helps to improve the security in applications

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review

Modules Used

  • Static Analysis (SAST)
  • Software Composition Analysis (SCA)
  • Dynamic Analysis (DAST)
  • Developer Training

Overall Satisfaction with Veracode

Veracode helps our clients to deliver secure applications in an agile way in less time and focus the efforts of developers to work on real flaws, this can be done from a single SAST scan to a complete integration in a CI/CD enviroment, analyzing vulnerabilities in the code of the developers, thrid party libraries, executing dynamic anlysis all automated to be compaint to security standards and best practices
  • SAST analysis in the pipeline it's very quick and helps to identify flaws
  • Third party libraries analysis it's effective to review vulnerabilities and recommend a secure version
  • Integration in the pipeline with various DevSecops Tools/Platforms
  • More coverage in the languages/frameworks
  • The crawl script for SAST analysis could be improved to support more functions
  • More coverage for different versions of the IDEs
  • Faster time to market
  • Effective reviews and recommendations
  • Compliance of security standards
  • SaaS platform for a quick and agile start
Secure code training it's a great option to enable developers in the security world, it's a dynamic platform that helps to understand the vulnerabilities and how to fix them in a real environment, and the documentation contains all the information you need to understand all the functions of the Veracode platform.
Our clients use Veracode in each phase of the SDLC, integrating the IDE Scan to analyze the code from the first steps of the development, executing static and dynamic analysis in the pipeline including the analysis of third-party libraries, the integrations are in different systems like GitHub, bitbucket, Azure DevOps
Using Veracode in the first steps of the development helps to reduce the possible flaws that could be introduced in the early stages, this is complemented by the security labs that enable the developers to create secure code, also the capability of Sandbox allows the developers to evaluate the code against the security standard, all this helps to deliver a secure applications
The maturity of the Veracode and the continuous improvements in its products it's one of the principal characteristics of chosee it, Veracode it's a SaaS platform and was born in the cloud, so this is a great option for our clients to be quick to implement also the easy of their integrations it's some valuable

Do you think Veracode delivers good value for the price?

Yes

Are you happy with Veracode's feature set?

Yes

Did Veracode live up to sales and marketing promises?

Yes

Did implementation of Veracode go as expected?

Yes

Would you buy Veracode again?

Yes

It's an excellent security application platform, with different integrations that can fit in the SDLC, as the SAAS solution works perfect to quick starts and the integrations are fast and easy to execute, can be implemented in a modular way starting just with training in secure code or can be robust to integrate into all the develop environment