We performed a comparison between Veracode and Virsec Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."You can easily integrate it with Azure DevOps. This is an added value because we work with Azure DevOps. Veracode is natively supported and we don't have to work with APIs."
"The deployment mode is very useful."
"I have used this solution in multiple projects for vulnerability testing and finding security leaks within the code."
"The source composition analysis component is great because it gives our developers some comfort in using new libraries."
"It has given our management a view into issues with all of our product lines. We have three products and all of them were scanned. As a result, the project lead for each product has taken measures to improve things."
"Vulnerability Management and mitigation recommendations help with resolution of issues found, prior to deployment to production."
"The solution's ability to help create secure software is very valuable. We're a zero-trust networking company so we want to have the ability to say that we're practicing security seriously. Having something like Veracode allows us to have confidence when we're speaking to people about our product that we can back up what we're doing with a certification, with a reputable platform, and say, "This is what we're using to scan an application. Here's the number of vulnerabilities that are on an application. And here's the risk that we're accepting.""
"The SAST and DAST modules are great."
"We use the solution for Zero-day protection."
"Veracode's container scanning could be improved. We containerize all the platforms we use inside a Docker image. For example, we create a Microsoft Docker image that we build our application on top of. I would like Veracode to implement IT scans before we commit the code."
"I would like Veracode to add more language support."
"One of the most important areas that need improvement for Veracode is its DaaS. Veracode's DAST engines are primitive."
"One area for improvement is the navigation in the UI. For junior developers or newcomers to the team, it can be confusing. The UI doesn't clearly bundle together certain elements associated with a scan. While running a scan, there are various aspects linked to it, but in the UI, they appear separate. It would be beneficial if they could redesign the UI to make it more intuitive for users."
"Calypso (our application) is large and the results take up to two months. Further, we also have to package Calypso in a special manner to meet size guidelines."
"The reporting was detailed, but there were some things that were missing. It showed us on which line an error was found, but it could have been more detailed."
"When Veracode updates the pool of tests and security checks, it could be a little more transparent about what it is releasing. It's not clear what it's adding. They do thousands of checks, and when they add more, there aren't many details about what the new tests are doing."
"If you schedule two parallel scans under the same project, one of them will be a failure."
"The tool's dashboard needs to load since it is not responsive and takes time to load."
Veracode is ranked 2nd in Application Security Tools with 194 reviews while Virsec Security Platform is ranked 35th in Application Security Tools with 1 review. Veracode is rated 8.2, while Virsec Security Platform is rated 7.0. The top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". On the other hand, the top reviewer of Virsec Security Platform writes "Helps with Zero-day protection ". Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap, whereas Virsec Security Platform is most compared with CrowdStrike Falcon Cloud Security, CrowdStrike Falcon and Trend Vision One - Cloud Security.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.