Compare GitLab vs. Veracode Software Composition Analysis

Find out what your peers are saying about GitLab vs. Veracode Software Composition Analysis and other solutions. Updated: September 2020.
442,986 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

GitLab:
"The dashboard and interface make it easy to use."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"Everything is easy to configure and easy to work with."
"A user-friendly solution."
"It speeds up our development, it's faster, safer, and more convenient."

Veracode Software Composition Analysis:
"The most valuable feature is the efficiency of the tool in finding vulnerabilities."
"The solution is stable. We've never had any issues surrounding its stability."
"This is a great tool for learning about potential vulnerabilities in code."
"The article scanning is excellent."
"The most valuable feature is the dynamic application security testing."

Cons

GitLab:
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
"I would like to see static analysis also embedded in GitLab. That would also help us. If there's something that it does internally by GitLab and then that is already tied up with your pipeline and then it can tell you that your coding is good or your code is not great. Based on that, it would pass or fail. That should be streamlined. I would think that would help to a greater extent, in terms of having one solution rather than depending on multiple vendors."
"The only thing our company is really waiting on in terms of features is the development of metrics."
"Reporting could be improved."
"I would like to see better integration with project management tools such as Jira."

Veracode Software Composition Analysis:
"A high number of false positives are reported and this should be reduced."
"The cost of the solution is a little bit expensive. Expensive in the sense that there was a hundred percent increase in cost from last year to this year, which is certainly not justified."
"There were some additional manual steps or work involved that we should not have needed to do."
"The documentation is poor and the technical support isn't helpful."
"In the future, I would like to see the RASP capability built-in."

Pricing and Cost Advice

GitLab:
"I think that we pay approximately $100 USD per month."

Veracode Software Composition Analysis:
"Without getting too specific, I'd say the average yearly cost is around $50,000. The costs include licensing and maintenance support."

Questions from the Community
Top Answer: The article scanning is excellent.
Top Answer: I have no idea what the licensing costs on the solution are. Our IT team handles the details.
Top Answer: The licensing model could be improved. If they can provide an automatic upload model, that would be really good. Right now we have to upload the NK bucket hosting to get through the analysis. That is…
Ranking
GitLab: Views 5,575; Comparisons 4,884; Reviews 3; Average Words per Review 503; Avg. Rating 8.7
Veracode Software Composition Analysis: Views 2,476; Comparisons 2,119; Reviews 5; Average Words per Review 559; Avg. Rating 7.4
Popular Comparisons
Compared 27% of the time.
Compared 10% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 3% of the time.
Also Known As
Veracode SCA, SourceClear
Overview

GitLab is a single application with features for the whole software development and operations (DevOps) lifecycle.

Veracode Software Composition detects open source vulnerabilities in the software development process with higher accuracy. Veracode SCA reduces false positives by prioritizing vulnerabilities in the execution path of the application. Its proprietary database contains significantly more vulnerabilities than the NVD because it datamines pull requests, bug reports, and release notes. It also looks for vulnerabilities in dependencies several layers deep. Veracode SCA is part of a comprehensive DevSecOps solution that covers multiple assessment types, enables developers, and helps organizations achieve AppSec governance.

Sample Customers
GitLab: Siemens, University of Washington, Equinix, Paessler AG, CNCF, Ticketmaster, CERN, Vaadin
Veracode Software Composition Analysis: Blue Prism, Advantasure, Automation Anywhere, Cox Automotive
Top Industries (visitors reading reviews)
GitLab: Computer Software Company 30%; Comms Service Provider 17%; Financial Services Firm 7%; Government 7%
Veracode Software Composition Analysis: Computer Software Company 45%; Comms Service Provider 11%; Manufacturing Company 6%; Media Company 5%
GitLab is ranked 5th in Software Composition Analysis (SCA) with 5 reviews while Veracode Software Composition Analysis is ranked 6th in Software Composition Analysis (SCA) with 5 reviews. GitLab is rated 8.6, while Veracode Software Composition Analysis is rated 7.4. The top reviewer of GitLab writes "Provides or mandates quantitative code into the Master". On the other hand, the top reviewer of Veracode Software Composition Analysis writes "Enables us to identify potential problems in applications and fix them before they are used in ways they should not be but has false positives". GitLab is most compared with Microsoft Azure DevOps, Tekton, TeamCity, Bamboo and Harness, whereas Veracode Software Composition Analysis is most compared with Black Duck, JFrog Xray, Snyk, WhiteSource and Sonatype Nexus Lifecycle.


We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.