CA Veracode static analysis enables you to quickly identify and remediate application security flaws at scale and efficiency. Our SaaS-based platform integrates with your development and security tools, making security testing a seamless part of your development process. Once flaws are identified, leverage in-line remediation advice and one-to-one coaching to reduce your mean time resolve. CA Veracode static analysis is the competitive advantage you need to securely bring your applications to market at the speed of DevOps.
Veracode is good static analysis tool to find security flaws. I use this tool to scan my java microservices jar files. it's easy to configure. It does not require source code and accepts binary files and scans them.
We can either manually scan files or integrate with jenkin so jars are auto scanned on every build.
What do you dislike?
can takes some time . It could be better if scanning time is improved.
What problems are you solving with the product? What benefits have you realized?
We use veracode to identify flaws and malicious code in applications before they are bought or deployed. It helps to build more secure application.
* We monitor all CA Veracode Static Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.