Veracode Application Security Platform Reviews & Product Details

Veracode Application Security Platform Overview

What is Veracode Application Security Platform?

Veracode helps companies that innovate through software deliver secure code on time. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline,empower developers to fix security defects, and scales your program through best practices to achieve your desired outcomes. Veracode covers your all your AppSec needs in one solution through a combination of five analysis types available for 24 programming languages, 77 frameworks, and application types as varied as microservices, mainframe and mobile apps.

Veracode Application Security Platform Details
Product Description

Veracode is the world's best automated, on-demand application security testing and code review solution.


Seller Details
Seller
VERACODE
Company Website
Year Founded
2006
HQ Location
Burlington, MA
Twitter
@Veracode
23,803 Twitter followers
LinkedIn® Page
www.linkedin.com
744 employees on LinkedIn®
Show More

Veracode Application Security Platform Reviews

Write a Review
Filter reviews
LinkedIn®
Connections
Popular Mentions
Showing 18 Veracode Application Security Platform reviews
Popular Mentions
Showing 18 reviews
Filter Reviews
Filter Reviews
Sort by
Ratings
Company Size
User Role
For Category
All Industries
Region
Already have Veracode Application Security Platform?
Write a Review
Professional 1 Product Test
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

We can conduct security testing (both static and dynamic) on any given application . For penetration testing this is the best tool.

- In web application scanning we can conduct

a) Website discovery

b) Dynamic DS

c) Dynamic MP

d) Dynamic Analysis

- Manual Penetration testing

- Code scanning

a) Static analysis

b) Source clear software composite analysis

And top of all its scan reporting features Review collected by and hosted on G2.com.

What do you dislike?

Scanning progress is highly dependent on speed of internet as a result it creates confusion on the completion Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We used other tools for scanning our application . But the scan reports were generated in specific formats. This problem got solved with Veracode because , different clients associated with us prefer different kinds of reports for automation purpose.

Veracode is helping us in getting scan reports in desired formats Review collected by and hosted on G2.com.

Show More
Show Less
UT
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

individual code scanning which helps to scan individual code. which is written by each individual and can be scan at the same time Review collected by and hosted on G2.com.

What do you dislike?

backend support isnt good . there should be a proepr backend support that is needed from the veracode support team Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

scanning individual code which helps to secure the code in the initial level which decrease the cost of the scanning and security risk Review collected by and hosted on G2.com.

Show More
Show Less
UH
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Over the years, Veracode has made the tools much faster and more thorough. Their Support group is very good, too. It's great to be able to schedule a consultation, and most of their consultants have been fantastic. Review collected by and hosted on G2.com.

What do you dislike?

On the static scan, sometimes a flaw is detected during one scan, not detected during the next, and subsequently detected on a third. The inconsistency makes it hard to track. Also, they do not make it easy to mitigate flaws other than those for a static scan. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

I've been very pleased with the Veracode Application Security Platform. It's very easy to use, it's quick, and their support if very good. I highly recommend checking it out. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

The platform helps identify any security flaws you have in your code. Also keeps developers on their toes with regard to making sure they don't introduce any *new* flaws. Review collected by and hosted on G2.com.

Show More
Show Less
UI
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Easy to scan a new application and view results of previous scans, generate reports etc. Review collected by and hosted on G2.com.

What do you dislike?

Nothing, it's really good. We only use it for static code analysis at the moment. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Providing users with self-service access to high quality automated testing. Review collected by and hosted on G2.com.

Show More
Show Less
UI
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

Veracode is good static analysis tool to find security flaws. I use this tool to scan my java microservices jar files. it's easy to configure. It does not require source code and accepts binary files and scans them.

We can either manually scan files or integrate with jenkin so jars are auto scanned on every build. Review collected by and hosted on G2.com.

What do you dislike?

can takes some time . It could be better if scanning time is improved. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We use veracode to identify flaws and malicious code in applications before they are bought or deployed. It helps to build more secure application. Review collected by and hosted on G2.com.

Show More
Show Less
CH
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Sast and DAST feautures are good. Risk rating of the apps are decent. Ability to provide built in reports are good Review collected by and hosted on G2.com.

What do you dislike?

Nothing that I can think of. Perhaps ability to commect with other industry products and scanning engine. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Exposing risks from our enterprise apps is a major benefit. Challenge is the volume but at lease we have visibility now. Review collected by and hosted on G2.com.

Show More
Show Less
UM
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

I like how easy it is to learn, and how much time it saves in your process Review collected by and hosted on G2.com.

What do you dislike?

I am fairly new to this program, so I will update if I find anything I dislike Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Just give it a try and see how much better you will operate! Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

I am saving time and having more protection for my business Review collected by and hosted on G2.com.

Show More
Show Less
AI
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It is easy to integrate with code build tools and produces comprehensive reports about the code quality and security vulnerabilities. Review collected by and hosted on G2.com.

What do you dislike?

Nothing much to consider but it needs little bit of tweaks in order to tailor to your needs and to suit multiple technologies. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It serves multiple purposes like static code analysis and security vulnerabilities at one shot and produces good reports. Review collected by and hosted on G2.com.

Show More
Show Less
UC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Veracode gives detailed analysis and supports “ignoring of previously reviewed findings”. You can mark findings as “already reviewed”. Review collected by and hosted on G2.com.

What do you dislike?

User interface is a little clumsy. The UI needs a face lift with more modern technology and widgets. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It “checks the box” for Java code scanning. Security teams love that. Review collected by and hosted on G2.com.

Show More
Show Less
CI
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

its provides an automated cloud-based service for securing web, mobile and third-party enterprise applications Review collected by and hosted on G2.com.

What do you dislike?

Its bit cost cost compare to competitors, But I like all the features Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Veracode makes writing secure code just one more aspect of writing great code. With our designed-for-developer tools, API and workflow integrations Review collected by and hosted on G2.com.

Show More
Show Less
UB
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It provides a fair amount of security but has some quirks. Review collected by and hosted on G2.com.

What do you dislike?

Not as user friendly as I would like it to be Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

My experience is using Peer reviews. Review collected by and hosted on G2.com.

Show More
Show Less
UH
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Very user friendlyand easy to navigate.. response time for assistance is great Review collected by and hosted on G2.com.

What do you dislike?

Nothing to report at this time working well Review collected by and hosted on G2.com.

Recommendations to others considering the product:

N/A Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Risk management Review collected by and hosted on G2.com.

Show More
Show Less
UL
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Single solution for both static and dynamic scans. Review collected by and hosted on G2.com.

What do you dislike?

There's a little bit of a learning curve. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Developing secure software. Review collected by and hosted on G2.com.

Show More
Show Less
Sr. Systems and Security Architect
Computer Software
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

I like that Veracode has a tool that allows a programmer to use Visual Studio to run the tool. I also allows the programmer to view vulnerabilities in the source code reported by Veracode within Visual Studio. This make it very well integrated with Visual Studio. Review collected by and hosted on G2.com.

What do you dislike?

Veracode can take quite a bit of time to run a source code analysis. This can be discouraging to the programmers and sometimes they do not run Veracode because of this slowness. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

If you need static code security analysis, and who doesn't, this is the product for you. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

My company is using Veracode as the first item to be run before a Application Security Review. It shows the items that are the possible problems before running a dynamic vulnerability scan. Review collected by and hosted on G2.com.

Show More
Show Less
AH
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Was required by some of our customers, allowed us to scan code and develop higher confidence in security robustness Review collected by and hosted on G2.com.

What do you dislike?

Huge number of false positives that needed to be explained away, did not deal well with 3rd party libraries Review collected by and hosted on G2.com.

Recommendations to others considering the product:

try it once, and you will run away Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Static code analysis for security Review collected by and hosted on G2.com.

Show More
Show Less
Owner
Design
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

The world needs something like Veracode. Cyberthreats are too complex and are changing too fast for average software developers to keep up with all the necessary expertise and techniques. Separating cybersecurity testing into a standalone, purpose-built service simply makes sense. I appreciate that Veracode is, at least in theory, attempting to be that platform. Review collected by and hosted on G2.com.

What do you dislike?

Unfortunately, Veracode hasn't actually found the formula for success yet. The interface is clunky and disjointed, the documentation is confusing, and customer support takes literally weeks or months to respond to requests. It's a classic case of an excellent idea with lackluster execution. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Press their sales people hard for details about whether the platform actually covers your security needs. Despite claiming broad coverage, there are some large holes. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

So far, despite quite a bit of money and effort on my part as an independent developer, Veracode has not helped me make any meaningful improvements in the security of my software products. I can't say I've realized any benefits. Review collected by and hosted on G2.com.

Show More
Show Less
AC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Veracode combines human and automated scanning to offer a really robust report. Reports are actionable, remediation is automated, and executive summaries are available on demand. Review collected by and hosted on G2.com.

What do you dislike?

Veracode today is robust for static scans, but limited to specific mobile builds and Firefox for dynamic scans. This makes analyzing Saas apps that do not support Firefox particularly challenging. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

If your app supports Firefox, this is the best tool on the market! Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Application security, vulnerability assessment. Review collected by and hosted on G2.com.

Show More
Show Less
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

The idea. I'm a big evangelist of clean code and standards. Review collected by and hosted on G2.com.

What do you dislike?

Everything:

- Scans inaccurate

- Slow

- Outdated UI

- Not user friendly

- Terrible HTTP API for automation

- Bad customer support

- One of our applications, only 1 out of hundreds issues turns out to be true. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

If you want your developers frustrated, go ahead and impose veracode. SonarQube together with Findbugs provides more useful feedback. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

No benefits. I only use Veracode because it is enforced by company policies Review collected by and hosted on G2.com.

Show More
Show Less
Do you work for Veracode Application Security Platform?