Veracode Centralized View - All Testing Types
Does Veracode Software Composition Analysis (SCA) help provide you a centralized view across all testing types, including SAST, DAST, SCA, and manual penetration testing? If yes, how important is having a centralized view to your developers and security professionals, and why?
Alice William
Senior Web Developer at a insurance company with 1,001-5,000 employees
Veracode provides visibility into the status of our applications at every phase of development throughout the software development lifecycle. We heavily use the Veracode Greenlight plugin for Visual Studio to scan and check our code as we write it. Veracode also helps us to develop our applications securely. We have configured our QA websites to be scanned by Veracode so that we do not push anything into production that is insecure. All of our dynamic scans are set up to scan our QA environments, just to be safe. Our QA and production environments have very similar configurations, so we do not push anything to production without first testing it in QA.
View full review »Learn More: Other Topics:
- Guidance Fixing Vulnerabilities
- Developer Security Skills
- Static Analysis Pipeline Scan
- Static Analysis Pipeline Scan - Speed
- Policy Reporting - Compliance
- All Testing Types - Affect
- Scanning Process - Reduce Time
- Security Debt
- Secure Software
- Increase Productivity
- Scanning Process - Importance
- Scanning Process - Best Practices
- False-Positive Rate
- Prevent Vulnerable Code
- Reduced Costs
- Fix Flaws
- Visibility into Application Status
- What Would You Say?
- Save Time
- SBOM - Reporting
- False-Positive Rate - Time and Costs
- Security Posture
- SBOM - Managing Risks
- False Positives - Fixing Vulnerabilities
- Centralized View - All Testing Types
- Centralized View - Application Status
- Code Scanning
- Cost Effectiveness
- ASC
- ASC - Support with Issues
- Shift Left
- Testing
- AI Generated Fixes
- Innovative Features
- ASC - Cost
- What is the biggest difference between Veracode and Checkmarx?
- Which gives you more for your money - SonarQube or Veracode?
- Checkmarx or Veracode. Which should we choose?
- Would you recommend Veracode? What are some of your use cases?
- Checkmarx vs SonarQube; SonarQube interoperability with Checkmarx or Veracode
- What do I scan when changing code in Veracode?
- If you had to both encrypt and compress data during transmission, which would you do first and why?
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- What are the Top 5 cybersecurity trends in 2022?
Buyer's Guide
Download our free Veracode Report and get advice and tips from experienced pros
sharing their opinions.
