We performed a comparison between Veracode and Virsec Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."I don't have to have a team of developers behind me that keep up with all the latest threats because the subscription service they provide for me does that."
"When we expanded our definition of critical systems to include an internal application to be scanned by Veracode, we had initial scans that produced hundreds of vulnerabilities. We expected this, based on how the code was treated previously, but the Veracode platform allowed us to streamline our identification of these items and develop a game plan to quickly address them."
"It has caught lots of flaws that could have been exploited, like SQL injection flaws. It has also improved developer engagement with information security."
"The most valuable feature is Veracode SDP, which allows for something related to third-party vulnerabilities. When we build a product, we use a lot of third-party libraries instead of building everything from scratch. We just use a library which is already been built; we just use that component in our product. Sometimes, these libraries may have bugs or issues, and it's hard to keep track of them because we use thousands of them."
"It's helping us with security and making sure that we develop faster. It's able to scan every vulnerability. It's very powerful software that one can use to make sure that you have a very good, secure platform."
"The centralized view of different testing types helps reduce our risk exposure. The development teams have the freedom to choose their own libraries and languages. What happens is sometimes developers feel like a particular library is okay to use, then they will start using it, developing some functionality around it. However, as per our mandate, for every new repository that gets added and scanned, a report gets published. Based on that report, we decide if we can continue. In the past, we have found, by mistake, some developers have used copyleft licenses, which are a bit risky to use. We immediately replace these with more permissive, open-source licenses, so we are safe in the end."
"It is scalable and quick to deploy into the site and the pipelines. The reports and analytics are good, and the false positive rate is low. It gives true results."
"The most valuable features are that you can do static analysis and dynamic analysis on a scheduled basis and that you can push the findings into JIRA."
"We use the solution for Zero-day protection."
"There is room for improvement in the speed of the system. Sometimes, the servers are very busy and slow... Also, the integration with SonarQube is very weak, so we had to implement a custom solution to extend it."
"It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share."
"It needs better controls to include/exclude specific sections when creating a report that can be shared externally with customers and prospects."
"They should improve on the static scanning time."
"We have approximately 900 people using the solution. The solution is scalable, but there is a high cost attached to it."
"In the last month or so, I had a problem with the APIs when doing some implementations. The Veracode support team could be more specific and give me more examples. They shouldn't just copy the URL for a doc and send it to me."
"They need to have a plug-in, a better integration with the development environment."
"Veracode does not support scans for .NET Blazor server applications."
"The tool's dashboard needs to load since it is not responsive and takes time to load."
Veracode is ranked 2nd in Application Security Tools with 194 reviews while Virsec Security Platform is ranked 35th in Application Security Tools with 1 review. Veracode is rated 8.2, while Virsec Security Platform is rated 7.0. The top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". On the other hand, the top reviewer of Virsec Security Platform writes "Helps with Zero-day protection ". Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap, whereas Virsec Security Platform is most compared with CrowdStrike Falcon Cloud Security, CrowdStrike Falcon and Trend Vision One - Cloud Security.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.