• Home
  • Synopsys Code Dx vs. Veracode

Synopsys Code Dx vs Veracode comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
Synopsys Code Dx
Read 1 Synopsys Code Dx review
534 views|444 comparisons
0% willing to recommend
Veracode Logo
Veracode
Read 194 Veracode reviews
24,547 views|16,408 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Static Application Security Testing (SAST)
June 2024
Executive Summary
Updated on Mar 20, 2023

We performed a comparison between Synopsys Code Dx and Veracode based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Synopsys Code Dx offers several deployment options and an intuitive installation process. Veracode has a straightforward and easy initial setup process that allows for quick deployment and integration into existing systems.
  • Features: Synopsys Code Dx simplifies static analysis issue review, helping developers prioritize fixing critical issues. Veracode provides powerful and efficient code analysis with low false positive rates.
  • Pricing: Synopsys Code Dx does not have a free version and the pricing needs to be obtained by contacting their sales team. Veracode offers flexible licensing options and can fit within some budgets, but users may need to consider costs and explore other options. Additionally, Veracode allows temporary excess of application accounts and offers some flexibility in its licensing model.
  • Service and Support: Synopsys Code Dx offers multiple support options and 24/7 live support from representatives. Veracode provides good technical support, consultations, and a premier package for access to consultants and updates.

Comparison Result: Based on the parameters we compared, Veracode comes out ahead of Synopsys Code Dx. Although both products have valuable features and good technical support, our reviewers found that Synopsys Code Dx has higher false positive rates and less flexibility in licensing options.

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: June 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Saravanan_Radhakrishnan
Facilitates continuous assessment of applications, covering both static and dynamic security aspects
ShubhamSharma5
A very good tool for dynamic application testing, but its price is a little high
We have had challenges with security because developers come from different organizations and different backgrounds. They have different ways of... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution. Synopsys is a Gartner leader, so I position this particular technology for the technical pre-sales part of it."

More Synopsys Code Dx Pros →

"The developers' awareness of the security weaknesses within their code has improved. They aren't just mitigating these issues, they are realizing these are, in fact, issues that have to be dealt with.""Before Veracode, the application was deployed to the production server and there would be a lot of bugs and issues. Once we implemented the Veracode scan, the full deployment issues were drastically reduced.""Veracode has good support for microservices, and I also like the sandbox environment. For example, when introducing a new component, we can scan it in a sandbox environment. It will not impact the main environment. When our team fixes it, they. can push it to the production environment when the results are acceptable.""It's comprehensive from a feature standpoint.""Regarding Software Composition Analysis, an exceptional feature is that during a SAST scan, SCA is seamlessly conducted in the background.""It's straightforward, and it does not require a lot of time. It's a straightforward platform that you can use for performing scans or mitigating issues. It has a very good user interface. FAQs are also helpful in case you are not familiar with it.""The source composition analysis component is great because it gives our developers some comfort in using new libraries.""The static scan is the feature that we use the most, as it gives us insight into our source code. We have it integrated with our continuous integration, continuous delivery system, so we can get insight quickly."

More Veracode Pros →

Cons
"The initial setup is a bit challenging because things are not easy. It needs a lot of technology adaptability plus the customer's environment-specific use cases."

More Synopsys Code Dx Cons →

"The false positive rates were quite high in our case.""There are many times when their product goes to check my code and it dies, and I don't know why. I've contacted support and they're not really helpful with this particular problem. I go to the logs and I look at what I can but I can't tell why the check process has essentially just died in the middle of checking.""One concern is that scans take a long time to run. We scan at the end of the day because we know it will take a lot of time. We leave it to run and the report will be generated by the next day when we arrive. The scanning time could be reduced.""Veracode can be improved in terms of software composition analysis and related vulnerabilities.""Some features could be improved in terms of user-friendliness.""The technical support service has room for improvement.""I haven't heard about any problems so far. However, it would be great if Veracode automatically packaged stuff up for you.""There is much to be desired of UI and user experience. The UI is very slow. With every click, it just takes a lot of time for the pages to load. We have seen this consistently since getting this solution. The UI and UX are very disjointed."

More Veracode Cons →

Pricing and Cost Advice
  • "It is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not for everybody."

    • More Synopsys Code Dx Pricing and Cost Advice →

  • "Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
  • "The pricing is pretty high."
  • "The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."
  • "I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
  • "It's worth the value"
  • "Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
  • "It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."
  • "The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

    • More Veracode Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Synopsys Code Dx?
    Top Answer:The customers were looking for something around static security and dynamic security, and in all those areas, they were looking for an industry leader with a proven solution Synopsys is a Gartner… more »
    What is your experience regarding pricing and costs for Synopsys Code Dx?
    Top Answer:I would rate the pricing model an eight out of ten, where one is low and ten is high. Because it is more of an enterprise solution for budget-conscious customers. So, it's moderately priced. It's not… more »
    What needs improvement with Synopsys Code Dx?
    Top Answer:Code Dx lacks one aspect, the dynamic security part, known as DAST. It's not an on-premise solution; it's in the cloud now. There are compliance standards and data standards where the customer might… more »
    Which gives you more for your money - SonarQube or Veracode?
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »
    Read all 6 answers   →
    What do you like most about Veracode?
    Top Answer:The SAST and DAST modules are great.
    Read all 96 answers   →
    What is your experience regarding pricing and costs for Veracode?
    Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
    Read all 66 answers   →
    Ranking
    32nd
    out of 71 in Static Application Security Testing (SAST)
    Views
    534
    Comparisons
    444
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    2nd
    out of 71 in Static Application Security Testing (SAST)
    Views
    24,547
    Comparisons
    16,408
    Reviews
    94
    Average Words per Review
    989
    Rating
    8.1
    Comparisons
    Also Known As
    Crashtest Security , Veracode Detect
    Learn More
    Synopsys
    Video Not Available
    Veracode
    Overview

    Code Dx by Synopsys works with Intelligent Orchestration to give organizations the ability to: Execute tests and automatically run AppSec tools. Correlate results from multiple tools, combining security issues found by 75+ tools. Prioritize security issues, filtering out noise using machine learning.

    Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achievereal-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

    Learn more atwww.veracode.com, on theVeracode blog, and onLinkedInandTwitter.

    Sample Customers
    Information Not Available
    Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company14%
    Manufacturing Company13%
    Insurance Company11%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm23%
    Insurance Company9%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company8%
    Government6%
    Company Size
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise15%
    Large Enterprise71%
    REVIEWERS
    Small Business31%
    Midsize Enterprise20%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    Static Application Security Testing (SAST)
    June 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: June 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Synopsys Code Dx is ranked 32nd in Static Application Security Testing (SAST) with 1 review while Veracode is ranked 2nd in Static Application Security Testing (SAST) with 194 reviews. Synopsys Code Dx is rated 0.0, while Veracode is rated 8.2. The top reviewer of Synopsys Code Dx writes "Facilitates continuous assessment of applications, covering both static and dynamic security aspects". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Synopsys Code Dx is most compared with Checkmarx One, Coverity and SonarQube, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and Fortify Static Code Analyzer.

    See our list of best Static Application Security Testing (SAST) vendors.

    We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.