We performed a comparison between Tenable.io Web Application Scanning and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"The solution is stable."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The initial setup is straightforward."
"Tenable provides the end analysis results covering all the published vulnerabilities and information on the market."
"We can get detailed information about vulnerabilities."
"It is fully automated."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"It's comprehensive from a feature standpoint."
"The SAST and DAST modules are great."
"Veracode has a nice API that they provide to allow for custom things to be built, or automation. We actually have integrated Veracode into our software development cycle using their API. We actually are able to automatically, every time a new build of a software is completed, submit that application, kick off a scan, and we get results in a much more automated fashion."
"It can be very hard to make a good lab environment with a console with log windows and code bases. What I like about Veracode is that they managed to do that. It has a very responsive graphical user interface and has worked very well. I was very pleased with that."
"I like the sandbox, the ability to upload compiled code, and how easy it is."
"The Security Labs [is] where I have the developers training and constantly improving their security, and remembering their security techniques. That way, they are more proactive and make sure things are correct. They're faster because they're doing it in the first place."
"What I found most valuable in Veracode Static Analysis is that it categorizes security vulnerabilities."
"I like Veracode's ease of integration and onboarding. You can quickly and easily get started with a new project or application. That's one area where Veracode shines relative to other tools we've evaluated. Other tools need more work or an engineer to do the setup. With Veracode, you can do the onboarding in a few steps quickly."
"The report customization needs to be better."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"The dashboard could be more user-friendly."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"It isn't easy to manage vulnerabilities in Tenable."
"The solution's dashboards could be improved and made more user-friendly."
"The user interface can sometimes be a little challenging to work with, and they seem to be changing their algorithm on what is an issue. I understand why they do it, but it sometimes causes more work on our end."
"The interface is too complex."
"Sometimes, the scans halt or drop for some reason, and we need to get help from Veracode to fix it."
"The training lab is not very user-friendly and takes a long time to set up."
"Searching for applications in Veracode is a little bit difficult. We have to minimize the length of an application's name to 47 characters. It would be good if this limit could be increased so that an application's name can be properly reflected in Veracode."
"We have encountered occasional issues with scalability."
"I would like to see expanded coverage for supporting more platforms, frameworks, and languages."
"Veracode does not support scans for .NET Blazor server applications."
More Tenable.io Web Application Scanning Pricing and Cost Advice →
Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Tenable.io Web Application Scanning is rated 7.6, while Veracode is rated 8.2. The top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Tenable.io Web Application Scanning is most compared with Acunetix, Qualys Web Application Scanning, Fortify on Demand, PortSwigger Burp Suite Professional and GitLab, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer. See our Tenable.io Web Application Scanning vs. Veracode report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.