We performed a comparison between Veracode and Virsec Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."It pinpoints the errors. Its accuracy is very interesting. It also elaborates on flaws, meaning it provides you with details about what is valid or not and how something can be fixed."
"We use it to get our scan results and see where our software is vulnerable or not vulnerable."
"It is SaaS hosted. That makes it very convenient to use. There is no initial time needed to set up an application. Scanning is a matter of minutes. You just log in, create an application profile, associate a security configuration, and that's about it. It takes 10 minutes to start. The lack of initial lead time or initial overhead to get going is the primary advantage."
"Developer Sandboxes help move scanning earlier within the SDLC."
"We are using the Veracode tools to expose the engineers to the security vulnerabilities that were introduced with the new features, i.e. a lot faster or sooner in the development life cycle."
"Provides the ability to understand the black zones in our system."
"The product provides guidance to develop secure software."
"The source composition analysis had very good reporting."
"We use the solution for Zero-day protection."
"I would like to see more technical support for some of the connectors, some more detailed diagrams or run-books on how to install some of stuff; more hand-holding in the sense of understanding our environment."
"Veracode has a few shortcomings in terms of how they handle certain components of the UI. For example, in the case of the false positive, it would be highly desirable if the false positive don't show up again on the UI, instead still showing up for any subsequent scan as a false positive. There is a little bit of cluttering that could be avoided."
"Once your report has been generated, you need to review the report with consultation team, especially if it is too detailed on the development side or regarding the language. Then, you need some professional help from their end to help you understand whatever has been identified. Scheduling consultation takes a longer time. So, if you are running multiple reports at the same time, then you need to schedule a multiple consultation times with one of their developers. There are few developers on their end who work can work with your developers, and their schedules are very tight."
"Veracode can be improved in terms of software composition analysis and related vulnerabilities."
"When Veracode updates the pool of tests and security checks, it could be a little more transparent about what it is releasing. It's not clear what it's adding. They do thousands of checks, and when they add more, there aren't many details about what the new tests are doing."
"The training lab is not very user-friendly and takes a long time to set up."
"Sometimes we get a lot of false positives even after configuring our policies, so that could be improved."
"There needs to be better API integration to the development team's pipeline, which is something that is missing and needs to be improved."
"The tool's dashboard needs to load since it is not responsive and takes time to load."
Veracode is ranked 2nd in Application Security Tools with 194 reviews while Virsec Security Platform is ranked 35th in Application Security Tools with 1 review. Veracode is rated 8.2, while Virsec Security Platform is rated 7.0. The top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". On the other hand, the top reviewer of Virsec Security Platform writes "Helps with Zero-day protection ". Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap, whereas Virsec Security Platform is most compared with CrowdStrike Falcon Cloud Security, CrowdStrike Falcon and Trend Vision One - Cloud Security.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.