FlexNet Code Insight vs Veracode Comparison 2024

FlexNet Code Insight

Veracode

FlexNet Code Insight

Read 1 FlexNet Code Insight review

335 views|266 comparisons

Veracode

Read 193 Veracode reviews

6,768 views|4,518 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Software Composition Analysis (SCA)

April 2024

Executive Summary

We performed a comparison between FlexNet Code Insight and Veracode based on real PeerSpot user reviews.

Find out what your peers are saying about Synopsys, Snyk, Veracode and others in Software Composition Analysis (SCA).

To learn more, read our detailed Software Composition Analysis (SCA) Report (Updated: April 2024).

Download the complete report

767,847 professionals have used our research since 2012.

Featured Review

Anonymous User

Works

A decent web interface for reports, but the snippet style code matching requires too much effort

After about a year, we never really institutionalized the reports and review data coming from Flexera due to a number of issues. Some of those... Read more →

Anonymous User

Lead Consultant DevOps and Infrastructure at a tech vendor

Prevents vulnerable code, offers end-to-end visibility, and saves our developers time

Veracode's ability to prevent vulnerable code from entering the production environment is good. Using Veracode's ASC team is easy. I can send them... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"It had a web interface into the reporting tools that was decent, and open source components could be reported per project and/or aggregated similar to other software composition tools."

More FlexNet Code Insight Pros →

"For use cases where our company buys a product with the source code, but only the final executables or the binaries, only Veracode is able to work on that type of tool.""It's straightforward, and it does not require a lot of time. It's a straightforward platform that you can use for performing scans or mitigating issues. It has a very good user interface. FAQs are also helpful in case you are not familiar with it.""Our development team use this solution for static code analysis and pen testing.""Code analysis tool to help identify code issues before entered into production.""The user interface is quick, familiar, and user-friendly and makes navigation to other software very easy.""With the pipeline scanner, it's easier for developers to scan their products, as they don't have to export anything from their computers. They can do everything with the command line on their computer.""I like Veracode's ease of integration and onboarding. You can quickly and easily get started with a new project or application. That's one area where Veracode shines relative to other tools we've evaluated. Other tools need more work or an engineer to do the setup. With Veracode, you can do the onboarding in a few steps quickly.""The Veracode technical support is very good. They are responsive and very knowledgeable."

More Veracode Pros →

Cons

"I found the user interface cumbersome and difficult to use."

More FlexNet Code Insight Cons →

"It would be nice if Veracode were bundled with some preferred vendors like Salesforce and offered at a discount.""I would like Veracode to add more language support.""Improving sorting through findings reports to filter by only what is critically relevant will help developers focus on issues.""Sometimes the scans are not done quickly, but the solutions that it provides are really good. The quality is high, but the analysis is not done extremely quickly.""The static analysis is prone to a lot of false positives. But that's how it is with most static analysis tools... Also, the static analysis can sometimes take a little while. The time that it takes to do a scan should be improved.""The feature that allows me to read which mitigation answer was submitted, and to approve it, requires me to use do so in different screens. That makes it a little bit more complicated because I have to read and then I have to go back and make sure it falls under the same number ID number. That part is a little bit complicated from my perspective, because that's what I use the most.""The sandbox could use some improvement; when creating a sandbox, it requires us to put the application name in twice, which seems unnecessary.""The Web portal, at times, is not necessarily intuitive. I can get around when I want to but there are times when I have to email my account manager on: "Hey, where do I find this report?" Or "How do I do this?" They always respond with, "Here's how you do it." But that points to a somewhat non-intuitive portal."

More Veracode Cons →

Pricing and Cost Advice

Information Not Available

"Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."

"The pricing is pretty high."

"The worst part about the product is that it does not scale at all. Also, microservices apps will cost you a fortune."

"I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."

"It's worth the value"

"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."

"It can be expensive to do this, so I would just make sure that you're getting the proper number of licenses. Do your analysis. Make sure you know exactly what it is you need, going in."

"The licensing and prices were upfront and clear. They stand behind everything that is said during the commercial phase and during the onboarding phase. Even the most irrelevant "that can be done" was delivered, no matter how important the request was."

More Veracode Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.

See Recommendations

767,847 professionals have used our research since 2012.

Questions from the Community

Ask a question

Earn 20 points

Which gives you more for your money - SonarQube or Veracode?

Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use… more »

Read all 6 answers →

What do you like most about Veracode?

Top Answer:The SAST and DAST modules are great.

Read all 96 answers →

What is your experience regarding pricing and costs for Veracode?

Top Answer:The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.

Read all 66 answers →

Ranking

17th

out of 40 in Software Composition Analysis (SCA)

Views

335

Comparisons

266

Reviews

Average Words per Review

Rating

N/A

3rd

out of 40 in Software Composition Analysis (SCA)

Views

6,768

Comparisons

4,518

Reviews

Average Words per Review

970

Rating

8.1

Comparisons

Black Duck vs. FlexNet Code Insight

Compared 74% of the time.

Mend.io vs. FlexNet Code Insight

Compared 26% of the time.

More FlexNet Code Insight Competitors →

SonarQube vs. Veracode

Compared 27% of the time.

Checkmarx One vs. Veracode

Compared 14% of the time.

Snyk vs. Veracode

Compared 6% of the time.

Fortify on Demand vs. Veracode

Compared 6% of the time.

OWASP Zap vs. Veracode

Compared 4% of the time.

More Veracode Competitors →

Also Known As

Crashtest Security , Veracode Detect

Learn More

Revenera

Video Not Available

Veracode

Overview

FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk, while you build your products and during their lifecycle. Manage open source license compliance. And add automation to your processes and implement a formal OSS strategy and policy that balances business benefits and risk management.

Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.

Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references. Veracode's dynamic analysis solution simulates real-world attacks to identify vulnerabilities that may not be detectable by static analysis alone. Veracode's software composition analysis solution scans open-source and third-party components for known vulnerabilities. Veracode's manual penetration testing service is performed by experienced security professionals who use a variety of techniques to identify vulnerabilities in software applications.

Many organizations, including Fortune 500 companies, government agencies, and startups, use Veracode's solution. Veracode's customers rely on Veracode to help them to improve the security of their software applications and to reduce the risk of data breaches and other security incidents.

Here are some of the benefits of using Veracode:

Veracode provides capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing to help organizations identify and fix security vulnerabilities in their software applications early in the development process.
Veracode helps organizations reduce the risk of data breaches and other security incidents by identifying and fixing security vulnerabilities in their software application.
Veracode helps organizations to comply with industry regulations. Many industries have regulations that require organizations to implement security measures to protect their customers' data. Veracode's solution can help organizations to comply with these regulations by providing them with the tools and resources they need to identify and fix security vulnerabilities in their software applications.

Sample Customers

Information Not Available

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.

Top Industries

VISITORS READING REVIEWS

Computer Software Company24%

Manufacturing Company18%

Real Estate/Law Firm13%

Financial Services Firm10%

REVIEWERS

Computer Software Company26%

Financial Services Firm23%

Insurance Company9%

Comms Service Provider6%

VISITORS READING REVIEWS

Financial Services Firm18%

Computer Software Company15%

Manufacturing Company8%

Government6%

Company Size

VISITORS READING REVIEWS

Small Business14%

Midsize Enterprise26%

Large Enterprise60%

REVIEWERS

Small Business31%

Midsize Enterprise20%

Large Enterprise49%

VISITORS READING REVIEWS

Small Business17%

Midsize Enterprise13%

Large Enterprise70%

FlexNet Code Insight vs Veracode comparison

FlexNet Code Insight

Veracode