We performed a comparison between ShiftLeft and Veracode based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"This static analysis helps ensure a secure application rollout across all environments."
"I can have quick results by just uploading compiled components."
"I like the way the flaws are reported in the system."
"The source composition analysis component is great because it gives our developers some comfort in using new libraries."
"It is scalable and quick to deploy into the site and the pipelines. The reports and analytics are good, and the false positive rate is low. It gives true results."
"The most valuable features of the solution are its extensive reporting capabilities and user-friendly interface."
"Before Veracode, the application was deployed to the production server and there would be a lot of bugs and issues. Once we implemented the Veracode scan, the full deployment issues were drastically reduced."
"The most valuable feature of Veracode is the binary scan feature for auditing, which allows us to audit the software without the source code."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
"On-premise implementation is not available."
"Improving sorting through findings reports to filter by only what is critically relevant will help developers focus on issues."
"Sometimes, the scans halt or drop for some reason, and we need to get help from Veracode to fix it."
"We have encountered occasional issues with scalability."
"There should be more APIs, especially in SCA, to get some results or automate some things."
"When we engaged Veracode to conduct the manual penetration testing, they were extremely slow in completing the task and delivering the report, causing a delay of two to three weeks for us."
"There is room for improvement in the speed of the system. Sometimes, the servers are very busy and slow... Also, the integration with SonarQube is very weak, so we had to implement a custom solution to extend it."
"The sandbox could use some improvement; when creating a sandbox, it requires us to put the application name in twice, which seems unnecessary."
ShiftLeft is ranked 26th in Application Security Tools with 1 review while Veracode is ranked 2nd in Application Security Tools with 194 reviews. ShiftLeft is rated 10.0, while Veracode is rated 8.2. The top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". ShiftLeft is most compared with SonarQube, Black Duck and Semgrep Supply Chain, whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap.
See our list of best Application Security Tools vendors, best Static Application Security Testing (SAST) vendors, and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.