Veracode Review

We're much more security conscious when writing code, to meet the benchmarks it gives us

What is our primary use case?

Dynamic and static scanning.

How has it helped my organization?

We're being much more security conscious whenever we're writing code, and we're trying to make sure it's giving us a benchmark, and to make sure we meet that, on a release cycle.

In terms of AppSec best practices, it has made everybody more conscious about what they're trying to accomplish, because they know at the end of the release cycle we're going to be running scans. They basically need to make sure they adhere to all the rules.

Our customers have benefited from the added application security we offer because they're more confident that our software isn't going to expose their organizations to any risk.

What is most valuable?

The ability to run scans. It's a critical piece of why we use the platform. We use it to get our scan results and see where our software is vulnerable or not vulnerable.

It's part of our SDLC now.

What needs improvement?

The user interface can sometimes be a little challenging to work with, and they seem to be changing their algorithm on what is an issue. I understand why they do it, but sometimes it causes more work on our end.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

Not that I know of.

How is customer service and technical support?

I have not contacted tech support.

How was the initial setup?

It seemed straightforward. I didn't actually do the work, but from what I was told, it seemed like it was fairly easy to get going.

What was our ROI?

I cannot give numbers on any cost savings related to code fixes since implementing CA Veracode in our development process.

What's my experience with pricing, setup cost, and licensing?

It's worth the value.

Which other solutions did I evaluate?

We did evaluate other options, but I can't remember who we looked at.

What other advice do I have?

I would be highly likely to recommend working with CA Veracode to colleagues. 

I rate it an eight out of 10. It's a good product - I can't say that it's lighting my world on fire - but it does what it needs to do.

Just be prepared that it's going to take effort from all aspects of the business to be able to utilize and achieve the goal that you're looking to achieve with the product.

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More Veracode reviews from users
...who work at a Financial Services Firm
...who compared it with WhiteSource
Add a Comment