We performed a comparison between ERPScan SMART Cybersecurity Platform and Veracode based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The core scanning, the scanning process, has got a very nice pass management module. It's fantastic."
"This is a great tool for learning about potential vulnerabilities in code."
"It has caught lots of flaws that could have been exploited, like SQL injection flaws. It has also improved developer engagement with information security."
"Informs me of code security vulnerabilities. Bamboo build automation with Veracode API calls are used."
"It has improved the quality of code being delivered for test and its vulnerability resolutions timeline has improved."
"It's not "one policy fits all." I really like that Veracode allows me to set up specific policies that I can apply to applications."
"Static analysis scanning engine is a key feature."
"The coverage of the last vulnerabilities reported."
"It is a cloud-based platform, so every organization or every security team in the organization is concerned about uploading their code because ultimately the code is intellectual property. The most useful thing about Veracode is that if you want to upload the code, they accept only byte code. They do not accept the plain source code as an input. The code is converted into binary code, and it is uploaded to Veracode. So, it is quite secure. It also has the automation feature where you can integrate security during the initial stages of your software development life cycle. It is pretty much easy with Veracode. Veracode provides integration with multiple tools and platforms, such as Visual Studio, Java, and Eclipse. Developers can integrate with those tools by using Jenkins. The security consultation or the support that they provide is also really good. Its user management is also good. You can restrict the users for a particular application so that only certain developers will be able to see the code that has been scanned. Their reporting model is really good. For each customer, they provide a program manager. Every quarter, they have their reviews about how much it has scanned. They also ensure that the tool has been used efficiently."
"The anomaly detection could be improved."
"Veracode Static Analysis lacks penetration testing, so that's a concern. The tool is also unable to scan when it's a C or C++ model, so that's another area for improvement."
"Veracode needs to improve its integration with other tools."
"We are testing Veracode's software composition analysis, but we're having trouble integrating it with SVN. It works out of the box when you use Git but doesn't work as well with other tools like SVN. It's more geared toward Git"
"It needs to reach the level of Checkmarx's and Fortify Software's capabilities and service levels, or may further loosen the market share."
"It's very expensive for a small organization."
"If Veracode was more diversified, as far as the number of platforms and the number of applications it could do in our favor, we would be using it even more. But there are a number of platforms it doesn't support. For example, I know they support C+, .NET, and Java, but there are certain platforms they don't support and that was disappointing."
"It can be a bit complex because it takes a lot of time to have it complete the task."
"When we engaged Veracode to conduct the manual penetration testing, they were extremely slow in completing the task and delivering the report, causing a delay of two to three weeks for us."
ERPScan SMART Cybersecurity Platform is ranked 54th in Application Security Tools while Veracode is ranked 2nd in Application Security Tools with 193 reviews. ERPScan SMART Cybersecurity Platform is rated 0.0, while Veracode is rated 8.2. The top reviewer of ERPScan SMART Cybersecurity Platform writes "Good core scanning, a helpful GDPR assessment template and very good technical support". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". ERPScan SMART Cybersecurity Platform is most compared with Onapsis, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
