NowSecure vs Veracode Comparison 2024

NowSecure

Veracode

NowSecure

Read 1 NowSecure review

554 views|342 comparisons

Veracode

Read 194 Veracode reviews

25,312 views|16,984 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Static Application Security Testing (SAST)

April 2024

Executive Summary

We performed a comparison between NowSecure and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST).

To learn more, read our detailed Static Application Security Testing (SAST) Report (Updated: April 2024).

Download the complete report

771,170 professionals have used our research since 2012.

Featured Review

AnirudhNair

Quality Assurance and Analyst Intern at a university

Scalable and reliable, but dynamic analysis needs improvement

Anonymous User

Lead Consultant DevOps and Infrastructure at a tech vendor

Prevents vulnerable code, offers end-to-end visibility, and saves our developers time

Veracode's ability to prevent vulnerable code from entering the production environment is good. Using Veracode's ASC team is easy. I can send them... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The most valuable feature is the ability to download an application without actually putting in the APK. It gives us an option to put the APK in if we want to but we can download it from the App Store and Play Store."

More NowSecure Pros →

"The reporting being highly accurate is pretty cool. I use another product and I was always looking for answers as to what line, which part of the code, was wrong, and what to do about it. Veracode seems to have a solid database to look things up and a website to look things up.""It provides security of different Shadow IT activities in our environment, especially around application development and website hosting.""Ad-hoc scanning during the development cycle and reports for audits are valuable features.""The static scan and the detailed reports, which include issue information and permissions, are the most valuable features.""The visibility into application status helps reduce risk exposure for our software. Today, any findings provided by the DAST are reviewed by the developers and we have internal processes in place to correct those findings before there can be a release. So it absolutely does prevent us from releasing weak code.""Good static analysis and dynamic analysis.""Another feature of Veracode is that they provide e-learning, but the e-learning is not basic, rather it is quite advanced... in the e-learning you can check into best practices for developing code and how to prevent improper management of some component of the code that could lead to a vulnerability. The e-learning that Veracode provides is an extremely good tool.""The integration of static testing with our Azure DevOps CI pipeline was easy."

More Veracode Pros →

Cons

"In this solution, there are two kinds of testing, static analysis, and dynamic analysis. There needs some improvement in testing with dynamic analysis because I have found it is not accurate"

More NowSecure Cons →

"The one thing I'd like to be able to do is schedule dynamic scans. Today we're kicking those off manually, but I believe that it's something have on their roadmap.""From what we have seen of Veracode's SCA offering, it is just average.""Veracode does not support scans for .NET Blazor server applications.""Software developers are always thinking about the next big thing but lose sight of what's happening right now. If you have an idea for a feature request, you must submit it to be voted on by the Veracode community. I don't like this. No one will look at it unless enough people vote for it.""The overall reporting structure is complicated, and it's difficult to understand the report.""It would help to have more training for developers to help them set it up.""Veracode Static Analysis lacks penetration testing, so that's a concern. The tool is also unable to scan when it's a C or C++ model, so that's another area for improvement.""It's taking too much time to do a quality scan."

More Veracode Cons →

Pricing and Cost Advice

Information Not Available

"Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."

"The pricing is pretty high."

"The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."

"I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."

"It's worth the value"

"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."

"It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."

"The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

More Veracode Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.

See Recommendations

771,170 professionals have used our research since 2012.

Questions from the Community

Ask a question

Earn 20 points

Which gives you more for your money - SonarQube or Veracode?

Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »

Read all 6 answers →

What do you like most about Veracode?

Top Answer:The SAST and DAST modules are great.

Read all 96 answers →

What is your experience regarding pricing and costs for Veracode?

Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.

Read all 66 answers →

Ranking

33rd

out of 67 in Static Application Security Testing (SAST)

Views

554

Comparisons

342

Reviews

Average Words per Review

Rating

N/A

2nd

out of 67 in Static Application Security Testing (SAST)

Views

25,312

Comparisons

16,984

Reviews

101

Average Words per Review

976

Rating

8.1

Comparisons

GitLab vs. NowSecure

Compared 20% of the time.

Data Theorem API Secure vs. NowSecure

Compared 20% of the time.

Acunetix vs. NowSecure

Compared 16% of the time.

Checkmarx One vs. NowSecure

Compared 15% of the time.

More NowSecure Competitors →

SonarQube vs. Veracode

Compared 26% of the time.

Checkmarx One vs. Veracode

Compared 14% of the time.

Fortify on Demand vs. Veracode

Compared 7% of the time.

Snyk vs. Veracode

Compared 6% of the time.

OWASP Zap vs. Veracode

Compared 4% of the time.

More Veracode Competitors →

Also Known As

Crashtest Security , Veracode Detect

Learn More

NowSecure

Video Not Available

Veracode

Overview

NowSecure experts have conducted advanced pen testing for some of the world's most demanding organizations - including banks, insurance companies, government agencies, healthcare organizations, retail conglomerates, high-tech businesses, and more. Mobile apps are prone to sensitive data leakages and attacks, yet a manual test for just one app can take several weeks. To enable faster, more frequent testing, we built a test engine that successfully automates repeatable and time-consuming mobile appsec testing, remediation and reporting tasks. The result - the foundation of the NowSecure platform, which significantly reduces testing time and costs without compromising full depth of security coverage.

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Sample Customers

Vaporstream, FIS, MEA Financial, Silent Circle, Capital One, Citi, EY, EMC, Emerson, Kaiser Permanente, The Home Depot, Humana, Shell, Kellogg's, TD Bank, VMware

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.

Top Industries

VISITORS READING REVIEWS

Financial Services Firm19%

Computer Software Company15%

Healthcare Company8%

Hospitality Company8%

REVIEWERS

Computer Software Company26%

Financial Services Firm23%

Insurance Company9%

Comms Service Provider6%

VISITORS READING REVIEWS

Financial Services Firm18%

Computer Software Company15%

Manufacturing Company8%

Government6%

Company Size

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise10%

Large Enterprise65%

REVIEWERS

Small Business31%

Midsize Enterprise20%

Large Enterprise49%

VISITORS READING REVIEWS

Small Business17%

Midsize Enterprise13%

Large Enterprise70%

NowSecure vs Veracode comparison