Veracode and GitLab compete in the software security and DevOps space. Veracode has the upper hand in static and dynamic analysis, integration with IDEs, and security expertise, while GitLab excels in CI/CD integration and collaboration features.
Features: Veracode provides comprehensive static and dynamic analysis alongside software composition analysis. It offers integration with various development tools and IDEs like Eclipse and Visual Studio, and includes e-learning for security training. GitLab is highly valued for its robust CI/CD pipeline integration, merge requests, and collaborative coding features like code reviews, which improve development efficiency.
Room for Improvement: Veracode users mention false positives, complex UI, and a need for better scan speed and reporting. There are also concerns about its pricing and integration capabilities. GitLab faces challenges with integration in non-Kubernetes environments, some UI elements, and requires better project management features. Pricing and visibility in cloud environments are areas noted for enhancement.
Ease of Deployment and Customer Service: Both Veracode and GitLab offer deployment across cloud and on-premises environments, with GitLab as more user-friendly for deployment. Veracode offers thorough technical support with varying response times, providing personalized assistance. In contrast, GitLab is known for responsive support experiences.
Pricing and ROI: Veracode is perceived as high-cost, justified by its robust features and security benefits, though it can be prohibitive for smaller organizations. ROI comes through reduced vulnerabilities and compliance assurance. GitLab’s tiered pricing model, with a free version, is accessible to diverse users, proving cost-effective especially for those leveraging its CI/CD capabilities, though higher-tier plans are expensive.
Migrating to GitLab is bringing time-saving benefits, and everything is easier to automate.
We have saved time significantly, reducing deployment time from four hours to five minutes per deployment.
We have rarely needed to escalate issues to technical support since GitLab usually runs seamlessly.
I have interacted with architects for some advice during the implementation, and they were prompt in their response.
I have had meetings where they taught me, explained things, and provided guidance for starting from scratch.
They are very responsive and quick to help with queries within our scope.
It has all the features required for our coding and deployment needs, which makes it scalable to our changing requirements.
We're transitioning to OpenShift for future scalability with increased user numbers.
I have not encountered any performance or stability issues with GitLab so far.
It would be beneficial to have a user-friendly interface for setting up these configurations, instead of just writing YAML files.
GitLab can improve its user interface to make conflict resolution more user-friendly.
The UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
Veracode can improve the licensing model as it is a bit confusing.
The price is high, and it limits user accessibility.
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
Even when working in other small organizations, we opted for GitLab as it was cost-efficient.
The pricing and model align with the needs of the developer community and the cybersecurity office.
The Ultimate version offers enhanced features for security scanning through DAST and SAST analysis, which have greatly benefitted our project workflow.
As we implement automated testing and DevSecOps, it speeds up the process by forty to sixty percent.
The feature I appreciate the most about GitLab is its ease of use and compatibility, which allows for straightforward building and deployment processes.
It offers confidence by preventing exposure to vulnerabilities and helps ensure that we are not deploying vulnerable code into production.
GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster.
It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring.
With GitLab, teams can streamline their workflows, automate processes, and improve productivity.
Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.
Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.
What are the key features of Veracode?
What benefits should users consider in Veracode reviews?
Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.
Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
