We performed a comparison between Contrast Security Protect and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Protect provides us with more in-depth visibility into ongoing attacks."
"The product gives a few false positives. We get 99 percent true positives."
"The solution has excellent real-time capabilities."
"One of the best things they offer is the scalability. The fact that you can work with it through the cloud means that if you have unintegrated business units, you don't have to worry about having a solution on-prem and having the network connection; you don't have to worry about giving up source code, you are just sending your binary files for most of the applications. So it scales much faster."
"It gives me an idea about the most important vulnerabilities and fast remediation tips."
"The main feature, and one of the most important, is the static code analysis. We are able to complete an analysis of the security flaws with this platform. It's very good at helping us find and fix flaws."
"From a developer's perspective, Veracode's greenlight feature on the IDE is helpful. It helps the developer to be more proactive in secure coding standards. Apart from that, static analysis scanning is definitely one of the top features of Veracode."
"The most valuable feature is the security and vulnerability parts of the solution. It shows medium to high vulnerabilities so we can find them, then upgrade our model before it is too late. It is useful because it automates security. Also, it makes things more efficient. So, there is no need for the security team to scan every time. The application team can update it whenever possible in development."
"I have used this solution in multiple projects for vulnerability testing and finding security leaks within the code."
"The developers' awareness of the security weaknesses within their code has improved. They aren't just mitigating these issues, they are realizing these are, in fact, issues that have to be dealt with."
"I don't have much experience with the solution yet. We're looking at integrating Manual Penetration Testing with JIRA and Bamboo and then building that into a CICD model, so the integration is the most valuable feature so far."
"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"Contrast Security Protect needs to improve integration."
"There's room for improvement in the initial setup."
"Veracode can be improved in terms of software composition analysis and related vulnerabilities."
"The user interface can sometimes be a little challenging to work with, and they seem to be changing their algorithm on what is an issue. I understand why they do it, but it sometimes causes more work on our end."
"Veracode has plenty of data. The problem is the information on the dashboards of Veracode, as the user interface is not great. It's not immediately usable. Most of the time, the best way to use it is to just create issues and put them in JIRA... But if I were a startup, and only had products with a good user interface, I wouldn't use Veracode because the UI is very dated."
"Veracode would benefit greatly from more training resources. The videos are great, but I would like more hands-on training writing a script, validating a script with a unit test in a different language, etc. That's something that would be very valuable."
"Veracode scans provide a higher number of false positives."
"In the future, I would like to see the RASP capability built-in."
"Sometimes, the scans halt or drop for some reason, and we need to get help from Veracode to fix it."
"I would like to see improvement on the analytics side, and in integrations with different tools. Also, the dynamic scanning takes time."
Contrast Security Protect is ranked 33rd in Application Security Tools with 3 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Contrast Security Protect is rated 8.4, while Veracode is rated 8.2. The top reviewer of Contrast Security Protect writes "It provides us with more in-depth visibility into ongoing attacks". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Contrast Security Protect is most compared with SonarQube, Fortify on Demand, Snyk, Tenable.io Web Application Scanning and Sonatype Lifecycle, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer. See our Contrast Security Protect vs. Veracode report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
