Most Helpful Review
Use Quotium Seeker? Share your opinion.
Scans our thousands of dependencies every time we build and rechecks them daily, making us aware of what's going on
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pricing and Cost Advice
I don't really know about the pricing, but I'd say it's worth whatever Veracode is charging, because the solution is that good.
For the value we get out of it, coupled with the live defect review sessions, we find it an effective value for the money. We are a larger organization.
They have just streamlined the licensing and they have a number of flexible options available, so overall it is quite good, albeit pricey.
They just changed their pricing model two weeks ago. They went from a per-app license to a per-megabyte license. I know that the dynamic scan was $500 per app. Static analysis was about $4500 yearly. The license is only for the number of users, it doesn't matter what data you put in there. That was the old model. I do not know how the new model works.
Veracode has been fair. We use their SaaS solution and it's just an annual subscription.
No issues, the pricing seems reasonable.
Information Not Available
It's good value. That's the primary thing. It's not cheap-cheap, but it's good value.
The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear.
Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us.
You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.
We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon
It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website.
Questions from the Community
Top Answer: JaeLee, check out our comparison page here of Veracode vs Checkmarx: https://www.itcentralstation.com/products/comparisons/checkmarx_vs_veracode Checkmarx is ranked 4th, while Veracode is ranked… more »
Top Answer: I would recommend Veracode. Our uses cases included removing vulnerable code from our Product and ensuring the product is secure. Veracode helps us in regularly scanning our code base and reporting… more »
Top Answer: SonarQube depends on completely what you configure the Rules. You will have the option of the Profile creation and can be assigned to the Projects. If you configure the project --> under them services… more »
Ask a question
Earn 20 points
Question: What do you like most about Snyk?
Top Answer: What is valuable about Snyk is its simplicity.
Question: What needs improvement with Snyk?
Top Answer: The product could be improved by including other types of security scanning (e.g. SAST or DAST), which is important. It would also help to include the static analysis specifically to the open-source… more »
Compared 51% of the time.
Compared 15% of the time.
Compared 8% of the time.
Compared 5% of the time.
Compared 4% of the time.
Compared 100% of the time.
Compared 21% of the time.
Compared 20% of the time.
Compared 12% of the time.
Compared 8% of the time.
Compared 6% of the time.
Also Known As
Veracode covers all your Application Security needs in one solution through a combination of five analysis types; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline, and empowers developers to find and fix security defects.
The Seeker solution helps businesses find high-risk security weaknesses while fostering collaboration between development and security teams. It exposes vulnerable code and ties it directly to business impact and exploitation scenarios, providing a clear explanation of risks. By accelerating adoption of security testing technologies into the software development lifecycle (SDLC), customers across industries such as financial, health, energy and retail can get to market faster with increased stability and certainty.
Snyk’s mission is to help developers use open source code and stay secure. The use of open source is booming, but security is a key concern (https://snyk.io/stateofossecurity/). Snyk’s unique developer focused product enables developers and enterprise security to continuously find & fix vulnerable dependencies without slowing down, with seamless integration into Dev & DevOps workflows. Snyk is adopted by over 100,000 developers, has multiple enterprise customers (such as Google, New Relic, ASOS and others) and is experiencing rapid growth. Our investors are Canaan Partners, BOLDStart, and several successful developer tools entrepreneurs. Snyk was founded in 2015 and is headquartered in London with offices in Israel and the US. For more information, go to https://snyk.io/.
Learn more about Veracode
Learn more about Quotium Seeker
Learn more about Snyk
|State of Missouri, Rekner||El Al||StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief|
Financial Services Firm37%
Consumer Goods Company7%
Computer Software Company44%
Comms Service Provider11%
No Data Available
Computer Software Company43%
Comms Service Provider12%
No Data Available
See our list of best Application Security vendors.