Codebashing OverviewUNIXBusinessApplication

Codebashing is the #2 ranked solution in our list of top Application Security Training Software. It is most often compared to Veracode Security Labs: Codebashing vs Veracode Security Labs

What is Codebashing?

Codebashing's SaaS platform is built specifically to train, refresh and validate Software Developers and DevOps personnel on Application Security and Secure Coding principles; helping business to develop and maintain more secure software and applications. Codebashing achieves this through a purpose-built platform for developers that is time-efficient, game-like, and provides hands-on vulnerable applications to interact with… providing insight into how common vulnerabilities manifest within the application stack.

Codebashing Buyer's Guide

Download the Codebashing Buyer's Guide including reviews and more. Updated: September 2021

Codebashing Customers

Fitbit, Microsoft, Just Eat, NCC Group, National Bank of Abu Dhabi, Sky

Codebashing Video

Pricing Advice

What users are saying about Codebashing pricing:
  • "This solution is not freeware and more expensive than similar products."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Dodzi Kwame Agudogo
Senior Software Development Engineer at Stanbic Bank Ghana
Real User
Top 5Leaderboard
Good plugins, very scalable, and great for checking code vulnerabilities

What is our primary use case?

We use the solution for scanning the codes we develop in Java. We use it to check them against our glitches, then we mediate them before we push them to the applications and to the server.

Pros and Cons

  • "There are lots of great plugins available."
  • "The user interface could be updated and refreshed. It has the appearance of being very basic."

What other advice do I have?

We're just customers. We don't have a business relationship with the company. I'm pretty sure that the company is using the latest version. I didn't really check the version number, however, I think it's the latest. While we do use a cloud version now, it was previously deployed on-premises. It is a great solution. It's easy to integrate into and it is very common, very popular, here. Anything you need to do, you can do it on the platform. For example, if you're looking to add it to your CITD pipeline, there's a plugin to do that. It's great. Overall, out of ten, I'd rate it at a nine.
VD
Sr. Application Security Manager at a tech services company with 201-500 employees
Real User
Top 5Leaderboard
Has lots of configuration options, good security and good flexibility

What is our primary use case?

We primarily use the solution as part of an integration with the CI pipeline.

Pros and Cons

  • "There's a lot of flexibility and there are a lot of configuration options."
  • "The solution should make the configuration more simple. Sometimes the configuration is complex."

What other advice do I have?

We are not a customer of the solution at my current organization. We are currently running a POC. However, in my previous position, I was a customer. I'd rate the solution nine out of ten. It's a hard solution for developers to just start using. It's not so easy to just jump into. It takes time.
Find out what your peers are saying about Codebashing vs. Veracode Security Labs and other solutions. Updated: September 2021.
535,544 professionals have used our research since 2012.
Cuneyt KALPAKOGLU Phd.
Founder & Chairman at Endpoint-labs Cyber Security R&D
Real User
Top 5Leaderboard
When we hire new engineers, it's company policy that they have to complete the Codebashing sessions

What is our primary use case?

We are very seriously using Codebashing. For example, when we have new engineers in the company, it is company policy that they have to complete the Codebashing sessions. During the orientation and onboarding period, all the engineers of our company must complete the Codebashings sessions and many of our customers are doing the same. We are strategic partners with Checkmarx and we are an internationally certified training center for Checkmarx and Codebashing.

Pros and Cons

  • "From an academic point of view, Codebashing is a very good product because it is based on gamification. This is especially true if you don't have any idea about secure code training. It is one of the best tools in the world to learn secure coding. The product explains very well how vulnerabilities can be found and how programmers can develop securely."
  • "If customers would be able to define their own quizzes or exams, it would be very good. That is the only missing part that I see - customer based scenarios, examinations and quizzes."

What other advice do I have?

My advice for anyone considering using Codebashing is to try the free version on their web page first. I would advise them to use the free version to understand the concept and to play with the program and only then to consider purchasing it. On a scale of one to 10, I would rate Codebashing a nine.
SiddharthSinghal
Information Security Engineer at a tech vendor with 51-200 employees
Real User
Top 20
Good knowledge base and easy to deploy, but it is only available for Windows

What is our primary use case?

We are a solution provider and this is one of the products that we are evaluating. We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.

Pros and Cons

  • "The most valuable feature is the integration with WhiteSource, which allows for open-source scanning."
  • "This solution is available for Windows only and does not have a Linux distribution."

What other advice do I have?

I have tested several areas of Codebashing and have used some of the labs that they provide. The labs are useful because you can find examples of flags and known vulnerabilities. It is different from other products. I would rate this solution a six out of ten.