Veracode Review

Allows us to prove our security levels to vendors, helps with our HIPAA security policies

What is our primary use case?

Certifying the application security of my SAS-based application code base.

How has it helped my organization?

It allows us to prove our security levels to vendors, and additionally helps us with our HIPAA security policies. Also, CA Veracode has provided AppSec best practices and guidance to our teams. Finally, it makes the IT Governance process of the sales cycle easier.

What is most valuable?

Static and dynamic scans of the code. It is part of our release cycle.

What needs improvement?

Mitigation review isn't always super easy.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalability.

How is customer service and technical support?

It is excellent.

How was the initial setup?

Straightforward to set up, but the configuration of the rules engine is difficult and complicated.

What was our ROI?

It helps us get over the line for security when contracting with customers, and any help reducing security vulnerabilities is a big help to us.

What's my experience with pricing, setup cost, and licensing?

Pricing/licensing is complicated.

What other advice do I have?

Do your research, make sure you implement the tools you need.

I am very likely to recommend Veracode to a colleague.

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More Veracode reviews from users
...who work at a Financial Services Firm
...who compared it with Coverity
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
510,534 professionals have used our research since 2012.
Add a Comment