Veracode Review

SAST, DAST, and Greenlight point out potentially insecure coding and how to fix it


What is our primary use case?

We use it for a lot of things and they're all primary: SAST, DAST, and Greenlight.

How has it helped my organization?

By using this product, we can point out not only any potentially insecure coding, but how to fix it. It's a requirement, a legal requirement. So we benefit by not breaking regulatory law.

What is most valuable?

SAST, DAST, and Greenlight are the most important features because today it's important for our regulatory compliance law to keep our product coding relatively secure.

For our rapid, secure DevOps cycle, we have integration of the Vericode API into our build tool, and Greenlight into our IDE.

What needs improvement?

I think they are doing pretty well. It would help if there were a training module that would explain how to more effectively integrate the SAST product into the build tool, Jenkins or Bamboo. I think that's a real good idea.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalability, other than making sure that our people know how to use it.

How is customer service and technical support?

Excellent.

Which solutions did we use previously?

Never. I've been using it for 20 years. I tried others, like HPE's and IBM's, when I was with Visa, but this is the best.

How was the initial setup?

I think it's simple, but sometimes it would help to have more training for developers to help them set it up.

What was our ROI?

I can't give you exact numbers, but it's a lot cheaper to do it sooner rather than later.

What's my experience with pricing, setup cost, and licensing?

Pricing is worth the value. 

Which other solutions did I evaluate?

They didn't have products before this one. This one pre-dated them.

What other advice do I have?

I recommend CA Veracode all the time. I am a public speaker, frequently on the speaker circuit, and I recommend it all the time. There are really three solutions at the top of the industry ratings, and Veracode is the best, in my opinion.

We are a good customer and we had been for a long time. I actually am a bit of an evangelist for them when I'm doing public speaking.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Learn More About Veracode

Stay Up-To-Date on Application Security 

Add a Comment
Guest
Sign Up with Email