I would like the team to make users like me aware of the new features sooner, so we can get the most from this product. Otherwise, there is no disadvantage.
There are two parts that I think should be improved. Both the web page and the report have the same issue. Both are sometimes messy and very difficult to find information. You need to know where to look and especially where to find information. It can be a bit confusing in both the report and the web page. Quite often, I keep learning new things because some of the information is quite hidden. You need to click this link, then click here, and go here. Then, "Wow," you get so much information that you didn't know existed. Information is a bit hidden and there should be an easier way to access it after a scan is generated. You should find out all the places where the information can be stored because sometimes you can test and think that you have all the available information, but often there is more. It would be good if there was a good explanation from Veracode about where exactly to find all the information on how to get the best from the system, since it is a very powerful tool and to use it sometimes requires a bit of knowledge.
It would be good if there were more assignment problems in the inventory, as well as more randomness in the coding examples. At some points, we faced problems because we were not able to complete an assignment. It took a while to understand what was wrong but this is related to the fact that some of the exercises are very difficult in terms of coding. An exercise is only complete when the output exactly matches what is expected. In this regard, I think that the system should be more flexible in terms of what it accepts from the user. I had some trouble logging on to the Security Labs service. Direct username passwords are not supported. A single sign-on service is required and I was not able to add my external email address. As such, I was not able to add Veracode's assignments directly to my LinkedIn profile. It's a feature that I was not able to take advantage of. However, it did not matter because I was able to add the certifications to my profile manually.
The following areas should be improved: * Veracode Security Labs should cover more than only the OWASP Top 10. * A more advanced Veracode Security Labs should be added. * More Java-based labs should be added; ideally, all Veracode Security Labs will be available in the Java language. * Veracode Security Labs should provide better support for code completion and syntax control (when applied eg. Java) when working on the application code. * Some Veracode Security Labs are too easy to complete, although this is a subjective opinion.
At this point in time, the platform seems to be focused on web-based applications. For additional features, I can see opportunities for other types of technologies, like mobile applications, batch processing, and backend services or message queue processing. I suspect that these additional types of learning would be difficult to provide through a web-based learning environment, but not impossible. Web application development covers much of the industry, but there are also developers working with these other technologies that could benefit from a learning environment more specific to their technologies.
I would have liked to see a bit better auto-completion in the IDE, and there was a typo in one of the questions where the code you were supposed to copy was missing a pair of parentheses. I'm sure the typo messed up a lot of people.
Veracode Security Labs shifts application security knowledge left, training developers to tackle modern threats in the evolving cybersecurity landscape by exploiting and patching real code, and applying DevSecOps principles to deliver secure code on time. Through hands-on labs that use modern web apps written in your chosen languages, developers learn the skills and strategies that are directly applicable to an organization's code. With detailed progress reporting, email assignments, and a...
I would like the team to make users like me aware of the new features sooner, so we can get the most from this product. Otherwise, there is no disadvantage.
There are two parts that I think should be improved. Both the web page and the report have the same issue. Both are sometimes messy and very difficult to find information. You need to know where to look and especially where to find information. It can be a bit confusing in both the report and the web page. Quite often, I keep learning new things because some of the information is quite hidden. You need to click this link, then click here, and go here. Then, "Wow," you get so much information that you didn't know existed. Information is a bit hidden and there should be an easier way to access it after a scan is generated. You should find out all the places where the information can be stored because sometimes you can test and think that you have all the available information, but often there is more. It would be good if there was a good explanation from Veracode about where exactly to find all the information on how to get the best from the system, since it is a very powerful tool and to use it sometimes requires a bit of knowledge.
It would be good if there were more assignment problems in the inventory, as well as more randomness in the coding examples. At some points, we faced problems because we were not able to complete an assignment. It took a while to understand what was wrong but this is related to the fact that some of the exercises are very difficult in terms of coding. An exercise is only complete when the output exactly matches what is expected. In this regard, I think that the system should be more flexible in terms of what it accepts from the user. I had some trouble logging on to the Security Labs service. Direct username passwords are not supported. A single sign-on service is required and I was not able to add my external email address. As such, I was not able to add Veracode's assignments directly to my LinkedIn profile. It's a feature that I was not able to take advantage of. However, it did not matter because I was able to add the certifications to my profile manually.
The following areas should be improved: * Veracode Security Labs should cover more than only the OWASP Top 10. * A more advanced Veracode Security Labs should be added. * More Java-based labs should be added; ideally, all Veracode Security Labs will be available in the Java language. * Veracode Security Labs should provide better support for code completion and syntax control (when applied eg. Java) when working on the application code. * Some Veracode Security Labs are too easy to complete, although this is a subjective opinion.
The only area of this solution that needs improvement is the pricing for startups.
At this point in time, the platform seems to be focused on web-based applications. For additional features, I can see opportunities for other types of technologies, like mobile applications, batch processing, and backend services or message queue processing. I suspect that these additional types of learning would be difficult to provide through a web-based learning environment, but not impossible. Web application development covers much of the industry, but there are also developers working with these other technologies that could benefit from a learning environment more specific to their technologies.
I would have liked to see a bit better auto-completion in the IDE, and there was a typo in one of the questions where the code you were supposed to copy was missing a pair of parentheses. I'm sure the typo messed up a lot of people.