CA Veracode Static Analysis


CA Veracode static analysis enables you to quickly identify and remediate application security flaws at scale and efficiency. Our SaaS-based platform integrates with your development and security tools, making security testing a seamless part of your development process. Once flaws are identified, leverage in-line remediation advice and one-to-one coaching to reduce your mean time resolve. CA Veracode static analysis is the competitive advantage you need to securely bring your applications to market at the speed of DevOps.

Work for CA Veracode Static Analysis?

Learning about CA Veracode Static Analysis?

We can help you find the solution that fits you best.

Find the Right Product

CA Veracode Static Analysis Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
Company Size
User Role
Showing 2 CA Veracode Static Analysis reviews
LinkedIn Connections
CA Veracode Static Analysis review by User
Validated Reviewer
Verified Current User
Review Source

"Great tool to find security flaws"

What do you like best?

Veracode is good static analysis tool to find security flaws. I use this tool to scan my java microservices jar files. it's easy to configure. It does not require source code and accepts binary files and scans them.

We can either manually scan files or integrate with jenkin so jars are auto scanned on every build.

What do you dislike?

can takes some time . It could be better if scanning time is improved.

What problems are you solving with the product? What benefits have you realized?

We use veracode to identify flaws and malicious code in applications before they are bought or deployed. It helps to build more secure application.

Sign in to G2 to see what your connections have to say about CA Veracode Static Analysis
CA Veracode Static Analysis review by User
Validated Reviewer
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Veracode Does It’s Job"

What do you like best?

Veracode gives detailed analysis and supports “ignoring of previously reviewed findings”. You can mark findings as “already reviewed”.

What do you dislike?

User interface is a little clumsy. The UI needs a face lift with more modern technology and widgets.

What problems are you solving with the product? What benefits have you realized?

It “checks the box” for Java code scanning. Security teams love that.

What Static Code Analysis solution do you use?

Thanks for letting us know!

There are not enough reviews of CA Veracode Static Analysis for G2 to provide buying insight. Below are some alternatives with more reviews:

ReSharper Logo
ReSharper is a productivity tool for visual studio that provides tools and features to help you manage your code.
SonarQube Logo
SonarSource products have innovative features to maximize quality and manage risk for both small and large software portfolios.
Pylint Logo
Pylint is a tool that checks for errors in Python code, tries to enforce a coding standard and looks for bad code smells.
ReSharper C++ Logo
ReSharper C++
ReSharper C++ is designed to make Visual Studio a better IDE for C++ developers, providing code analysis, quick-fixes, search and navigation, smart code completion, refactorings, and others.
Babel Logo
Babel is a JavaScript compiler. It helps shape the future of the JavaScript language itself.
Black Duck Software Composition Analysis Logo
Black Duck Software Composition Analysis
Black Duck by Synopsys provides a comprehensive software composition analysis (SCA) solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers. Black Duck gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.
Roslyn Logo
The .NET Compiler Platform ("Roslyn") provides open-source C# and Visual Basic compilers with rich code analysis APIs.
Java Obfuscator & Android Obfuscator Logo
Java Obfuscator & Android Obfuscator
DashO is a Java and Android Obfuscator plus much more. It provides enterprise-grade app hardening and shielding, greatly reducing the risk of intellectual property theft, data theft, piracy, and tampering. Our layered obfuscation, encryption, watermarking, auto-expiry, anti-debug, anti-tampering, anti-rooted device solution provides protection for applications all around the world.
StyleCop Logo
StyleCop analyzes C# source code to enforce a set of style and consistency rules.
Closure Compiler Logo
Closure Compiler
The Closure Compiler is a tool for making JavaScript download and run faster. Instead of compiling from a source language to machine code, it compiles from JavaScript to better JavaScript.
Show more
Kate from G2

Learning about CA Veracode Static Analysis?

I can help.
* We monitor all CA Veracode Static Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.