Most Helpful Review
Use Micro Focus SecurityScope [EOL]? Share your opinion.
Enables us to automatically submit each new build for scanning and get results directly into our JIRA
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pricing and Cost Advice
Information Not Available
Veracode has been fair. We use their SaaS solution and it's just an annual subscription.
No issues, the pricing seems reasonable.
It is pricey. There is a lot of value in the product, but it is a costly tool.
I recommend going for a one-year licensing with CA, because currently they are the leaders in this field with more features and a much better turn around time with a cheaper position, but there are a lot of new companies coming up in the market and they are building up their platforms.
Costs are reasonable. No special infrastructure is required and the license model is good.
I think the pricing is in line with the rest of the tools. I think you get what you pay for. It is certainly not inexpensive, but the value proposition is there. There are certainly cheaper tools, but I don't think we'd be getting the support that we get with those, and that is what separates this product from the others.
Regarding licensing, pay very close attention to what applications you're going to need to do dynamic scanning for, versus static. Right now, the way the licensing is set up, if you don't have any static elements for a website, you can certainly avoid some costs by doing more dynamic licenses. You need to pay very close attention to that, because if you find out later that you have static code elements - like Java scripts, etc. - that you want to have scanned statically, having the two licenses bundled together will actually save you money.
We're very comfortable with their model. We think they're a good value. We worked very closely with Veracode on understanding their license model, understanding what comprises the fee and what does not. With their assistance in design, we decomposed our application in a way where we are scanning a very significant amount of code without wasting their capacity and generating redundant reported issues. You scan in profiles, per se. And we work with them, in their offices, to design the most effective approach. So the advice I would have for customers is, you can get up and live fast, but work closely with Veracode to refine the method you use for scanning and the way you compile the applications. There's a concept called entry-point scanning, and that's probably not used well by the rest of their customers. We see our licensing as a good value because we leverage it heavily.
In Application Security
out of 32 in Application Security
Compared 43% of the time.
Compared 17% of the time.
Compared 10% of the time.
Also Known As
|SecurityScope, Fortify Program Trace Analyzer, HPE SecurityScope|
Micro Focus WebInspect is a Web application security assessment solution designed to thoroughly analyze today’s complex Web applications and Web services for security vulnerabilities. It delivers broad technology coverage, fast scanning capabilities, extensive vulnerability knowledge, and accurate Web application scanning results. Micro Focus WebInspect is an integral part of the Micro Focus integrated security testing technologies that uncover real and relevant security vulnerabilities in a way that siloed security testing cannot.
Veracode is an application security company that offers an automated cloud-based service for securing web, mobile and third-party enterprise applications. Veracode provides multiple security analysis technologies on a single platform, including static analysis, dynamic analysis, mobile application behavioral analysis and software composition analysis.
Learn more about Micro Focus SecurityScope [EOL]
Learn more about Veracode
|Neosecure, Rabobank, NAMIC Insurance Company, UBM Tech, Maccabi Healthcare Services, Bank of Tianjin||State of Missouri, Rekner|
No Data Available
Financial Services Firm33%
Financial Services Firm26%
Software R&D Company8%
No Data Available