Veracode False-Positive Rate

What is your impression of the solution’s false-positive rate? Please explain.

Miodrag Zarev - PeerSpot reviewer
Senior Software Engineer at a tech vendor with 11-50 employees
The false positive rate is around 10 percent, which is expected in automated software. Veracode's competitors have false positives, but we're happy with Veracode's ability to mitigate the problem. We check every false positive and clear it. It does not affect our competence at all. We realize it will happen from time to time. The effect of false positives is negligible. We don't have a problem with that. We are experienced enough now to see what is or isn't.
JS
Manager of Application Development and Integrations at a university with 1,001-5,000 employees
They claim to have the best false positive rate. It's hard to judge, but we've had several false positives, and the solution's inability to resolve them has been incredibly frustrating.
Rishabh Khanna - PeerSpot reviewer
Security Engineer at a tech services company with 5,001-10,000 employees
When our developers find a false positive it doesn't make much of a difference. They are just happy knowing what is wrong and right. Developers know to code, but they don't know secure coding. We are generally there to guide them and most of the time, I used to do the false positive analysis by myself and not leave it to the developers. The developers would get a refined and concrete number of vulnerabilities to quickly work on.
Rafael Mesquita - PeerSpot reviewer
Full Stack Software Developer at DreamDev
We waste a lot of time figuring out which results are false positives, and it has affected our trust in the tool. After we've spent time training and setting up the tool correctly, we need to scan our code and remove all the false positives. Finally, it's good enough to identify our security issues.
Zach Handzlik - PeerSpot reviewer
Release Manager/Scrum Master at Amtech Software
Veracode's false-positive rate is low. The few instances when it looked like there were false positives, the issues were found to be either true vulnerabilities or things that were that way by design. If a developer thought that there would be a ton of false positives when using the tool, it would then diminish the value of actually using the tool. Veracode touts itself as being a tool with the lowest false-positive rate in the market. It gives inherent confidence in the tool itself, and developers are more inclined to think that if it found something, it's pretty likely that it is not a false positive. They would then work to prove it wrong rather than discounting it without even looking into it.
MC
Vice President of Engineering at Avant Assessment
Veracode's false positive rate has been very good. It's reasonable.
Naushath Raja - PeerSpot reviewer
Senior Director at a tech vendor with 10,001+ employees
The false positive rate is typically less than five percent. False positives can affect how developers use a solution. If we see too many false positives, we might start ignoring alerts. Sometimes the developers lose confidence and may take the work lightly. It isn't an issue currently because the rate is under five percent.
AkashKhurana - PeerSpot reviewer
Senior Software Engineer at Publicis Sapient
The false positive rate boosts our developers' confidence in Veracode when addressing vulnerabilities.
Michea Mbaziira - PeerSpot reviewer
Insurance Agent at ICEA
The false positive helps our DevOps troubleshoot every stage of development and increase their efficiency which boosts their confidence.
Shashank Niranjan - PeerSpot reviewer
Senior Software Engineer at Capgemini
The false positive rate has increased our developers' confidence.
Geofrey Mutabazi - PeerSpot reviewer
Founder at a manufacturing company with 1-10 employees
The benefit is that the false positive results provide our developers with a clear understanding of their proficiency level in development. Overall, I believe that false positives can boost our developers' confidence in their abilities to a certain degree.
SR
IT Manager at a financial services firm with 5,001-10,000 employees
The false positive rate is good. I don't have any qualms about using Veracode.
KW
Founder/Developer at Sarkonah
The false positive rate is very impressive.
NS
Delivery Manager at a tech vendor with 10,001+ employees
The overall false positive rate is good. It is about 70-80 percent accurate. In some stages, we have to let issues go and defer the fix until another time. We might wait to release a patch later.
Avinash Mukesh - PeerSpot reviewer
IT Specialists at Soft Hostings
Veracode's false positive rate is low.
VS
Sr. Web Application Security at a tech vendor with 10,001+ employees
Static code analysis generates too many false positives, so it takes a lot of time to review them all. The security and development teams need to work together to mitigate the false positives.
Ivo Dias - PeerSpot reviewer
Sales Engineer at M3Corp
Another important aspect is the low false-positive rate because the solution is very configurable. It is as low as 1 percent and that is a huge difference compared to competitors.
VS
Senior Manager Cyber Security at a tech services company with 201-500 employees
Based on our experience, Veracode quickly and effectively identifies false positives.
JV
Manager Consultant at a tech services company with 1-10 employees
We have compared Veracode with other solutions, and its false positive rate is the lowest in the industry.
UmarQureshi - PeerSpot reviewer
Security Lead at a retailer with 10,001+ employees
I give Veracode's false positive rate an eight out of ten.
SA
Manager IT at a tech company with 201-500 employees
We see a few false positives in Veracode but not many. It's negligible.
Robert Hood - PeerSpot reviewer
Information Security Architect at a tech vendor with 5,001-10,000 employees
Veracode's false positive rate is very low based on what we have found.
Boyapati Sivannarayana - PeerSpot reviewer
Devops Engineer at Accenture
The false positive rate we haven't really looked into. We need to learn more about it.
Oluseyi Osifalujo - PeerSpot reviewer
Executive Director at Precise Financial Systems Limited
At first, we experienced a high number of false positives, but the Veracode team provided guidance that enabled us to significantly reduce the count.
LF
Sales Engineer at a computer software company with 51-200 employees
Veracode has the lowest false positive rate in the market. Its results are accurate. In some cases, it is very difficult to see a false positive. We report it to the engineers, and they analyze it. If it is truly a false positive, the engineers will update the engine to provide better results at the next scan. The false positive rate of the static analysis has not affected the time we spend on tuning policies.
Arnab Paul - PeerSpot reviewer
Cyber Security Consultant at a consultancy with 10,001+ employees
After the scanning is completed, with other solutions from a DAST perspective, we would receive a report. If there are any false positives, we would have to identify them ourselves. However, with Veracode, one of their engineers or a support team member will verify the information, which helps to minimize the number of false positives.
RB
Security Analyst at an insurance company with 10,001+ employees
When it comes to visibility, I am not sure whether it is through Veracode, but we have our pipelines built on Azure. We do get to see whenever a scan is kicked off and whether the Veracode check has passed. There is no direct visibility in Veracode apart from the dashboard, which does have information about what type of scan has been performed and whether it is a policy sandbox or just a testing sandbox.
Devid William - PeerSpot reviewer
Application Security Architect at Banco Votorantim
There are very few false positives. I'd rate the false positive rate as nine out of ten. It's very good. It's very positive on developer confidence.
SM
Security Analyst at a tech services company with 11-50 employees
The false positives depend on the code. Veracode provides around 5% false positives.
Anant Upadhyay - PeerSpot reviewer
Game Developer at Gamezlab
The false positive rate is quite low, which is critical.
PB
ML engineer at a consultancy with 10,001+ employees
The false positive rate of static analysis can affect the time spent on tuning policies. It took at least one day for me to raise that mitigation and approval ticket to look into it.
Pradeep Kumar. - PeerSpot reviewer
Founder and Director at Bizcarta Technologies India Pvt Ltd
The product's false-positive rate is low.
Alex Fuglaar - PeerSpot reviewer
Manager at a financial services firm with 1,001-5,000 employees
When it comes to eliminating false positives, you're never going to have 100%. While it did introduce a little frustration, what did remediate that was the explanations that the software provided.
GR
System Engineer at a tech vendor with 10,001+ employees
Veracode's false positive rate is low.
Alice William - PeerSpot reviewer
Senior Web Developer at an insurance company with 1,001-5,000 employees
I recently encountered a Veracode false positive, but we immediately mitigated it on our end. Veracode also filed the case and will include it in their code to mark it as a false positive. We took action after that.
CM
CyberSec professional at a manufacturing company with 5,001-10,000 employees
We can see that false positives are quite low, around five to ten percent.
Ashish Upadhyay - PeerSpot reviewer
Founder at BlockMosiac
The false positive rate is very low. Using this platform, we spend way less time performing investigations.
PavanKumar18 - PeerSpot reviewer
Senior Testing Engineer at TollPlus LLC.
We don't have many false positives. We're using the tool's default rules and haven't done much customization. We can feel confident in the solution's results.