Veracode Reviews

Scanning for code security vulnerabilities within our company's products.

Made our company aware of any potential code security vulnerabilities. Also, customers can use our products knowing they are verified by top organizations as safe.

Informing me of application security vulnerabilities. Bamboo build-automation with Veracode API calls are used.

• The user interface could be more sleek.
• Some scanning requirements aren't flexible.
• Some features take some time for new users to understand (like what exactly "modules" are).

No issues with stability.

No issues with scalability.

Great.

Somewhat straightforward. There was a little confusion about "missing modules" that are third-party files that we couldn't upload because we don't actually have them. That really confused us, but the technical support resolved the confusion.

I can't report on any cost savings relating to code fixes since implementing Veracode in our development process, but it makes us feel more confident about our code, which is awesome.

We are satisfied.

None. We might look into Checkmarx.

I am very likely to recommend Veracode to colleagues. Veracode is great.

PoC is in progress.

• Application testing
• False positives challenges
• Wide range of platforms and technology assessments

It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share.

No.

No.

Customer Service:

A three out of 10.

Technical Support:

A two out of 10.

Quality levels, service offerings, pricing, and mainly the features and abundance of technologies provided by others made us switch to a different solution.

In-house.

The pricing is pretty high.

Yes. Checkmarx, SonarQube and Fortify Software.