Veracode Fix Flaws
What effect, if any, has Veracode had on your organization’s ability to fix flaws? Please provide examples, if applicable.
JS
Justin Swanson
Manager of Application Development and Integrations at a university with 1,001-5,000 employees
Veracode has exposed many flaws, and the Security Labs have helped train the team to understand security and fix flaws. You don't know what you don't know.
View full review »Veracode has helped fix flaws affecting our organization by making the applications a lot more secure.
View full review »We have seen the numbers go up with respect to remediation as well as the number of flaws that we catch. The word is spreading, and more and more application teams are using the static code analysis tool inside their pipelines. Overall, we are moving from reactive mode to proactive mode in remediating vulnerabilities through Veracode.
View full review »MC
Michael Calabrese
Vice President of Engineering at Avant Assessment
When it comes to our ability to fix flaws, Veracode has given us more visibility into certain flaws that could show up, flaws that can be subtle and not seen in the code. For example, though it was not obvious, there was a case where a developer naively added the authentication into the code, which we're not supposed to do, obviously. It was not seen by our review process, and Veracode caught it and we were able to eliminate it.
View full review »DB
Djean Bruno
Security Engineer at a tech vendor with 10,001+ employees
Veracode positively affects our organization's ability to fix flaws; we have a particular app at the moment that failed the scan twice due to its vulnerabilities. Without the solution, we likely wouldn't get that.
View full review »Regarding our ability to fix flaws, Veracode is very helpful; it provides a sense of confidence to our developers and a summary of reports that we can share with stakeholders such as our clients and senior management. The solution identifies security loopholes and gives us detailed feedback reports, allowing us to take action to remedy our security vulnerabilities.
View full review »FN
reviewer2131128
Application Security Engineer at a financial services firm with 1,001-5,000 employees
There has been a lot of improvement when it comes to fixing problems. I give credit for that to Veracode because issues are immediately flagged and notifications are sent to the people involved in that particular application. The developers immediately fix them.
View full review »You save a lot of time because you don't have to debug things manually. That would take a lot of time. You just scan with Veracode and all the code that needs to be fixed... At any stage of development, they know where to fix things and the flow makes it easy to produce things on time.
View full review »Veracode has helped our organization address flaws in our software and automation processes. Its positive impact has been reflected in our ROI, which increased when we started using Veracode. Without Veracode, we would be susceptible to security issues and potential hacking. However, after implementing Veracode scans, we have not encountered any such problems.
View full review »It has increased our organization's ability to fix flaws. We can scan code in a video which reduces costs and risk.
View full review »Veracode has enhanced our capability to address flaws by identifying bugs that may not have been detected through static analysis data.
View full review »With Veracode, we can perform multiple scans simultaneously in different programming languages. This is different from other solutions, where we would manually or independently scan each application or programming language. Veracode allows us to scan more quickly and easily. The time it takes to detect flaws in the code is not comparable to the previous solution, because Veracode speeds up the process and makes it easier to create reports. We can share these reports with other developers to create free call-to-action campaigns and improve the user experience. By the time we deploy our applications, we can be confident that they are secure.
View full review »VS
reviewer2187363
Sr. Web Application Security at a tech vendor with 10,001+ employees
The solution helped us find and fix flaws.
View full review »Veracode has helped our organization address flaws by identifying our mistakes. The initial usage of the solution was challenging due to the large number of code lines that needed to be read, but it became easier over time.
View full review »VS
reviewer1293537
Senior Manager Cyber Security at a tech services company with 201-500 employees
Our project teams understand the importance of conducting code scanning in addition to code development and Veracode testing. This ensures that any flow issues are addressed before proceeding to the next phase. It has become ingrained in their approach.
View full review »VR
reviewer1510059
Solution Architect at a tech vendor with 10,001+ employees
The information provided by Veracode enables us to easily rectify vulnerabilities in the workflow.
View full review »JV
reviewer2183154
Manager Consultant at a tech services company with 1-10 employees
Veracode helps fix flaws. Our customers have reported that it is faster and more compliant, making it easier for them to send out reports to various stakeholders when they have questions. For example, when dealing with higher-level management, we can create a report containing comprehensive statistics and informative pie charts, which greatly assists them. Additionally, this helps demonstrate the value of Veracode during internal assessments.
View full review »Veracode greatly influences our organization's ability to address flaws. Resource allocation, strategy, and trading have had a significant impact, particularly when considering the redirection of traffic. Starting from the point of deviation becomes crucial in this context. Without comprehending the potential flaws that may arise within our environment, we cannot determine the appropriate direction to mitigate and reduce them over time.
View full review »SR
reviewer2067186
Product Marketer at a media company with 1,001-5,000 employees
Worrying about fixing the flaws in an application is completely taken care of by Veracode, so we are able to focus more on creating new code and developing new applications. Veracode has been a great platform for that particular purpose.
View full review »AK
Anand Kumar
LSA at a consultancy with 10,001+ employees
Veracode assists our clients in addressing flaws by simplifying the process. The security team can review the code, approve or reject it, and developers can utilize the reports to promptly rectify the flaws.
View full review »SM
ShubhamMittal
Sponsorship Sales Specialist
The main feature, and one of the most important, is the static code analysis. We are able to complete an analysis of the security flaws with this platform. It's very good and helping us find and fix flaws.
View full review »CS
reviewer2249226
Executive Assistant at a tech company with 51-200 employees
Veracode works very well overall, and our security has been greatly improved, significantly impacting our ability to fix flaws.
View full review »Veracode has been a great benefit because it allows developers to log in to their code and examine the specific vulnerabilities they were informed about. Typically, there is a description of why and how the vulnerability occurred, along with guidance on how to resolve it. Veracode significantly aids our organization in fixing flaws.
View full review »OK
OleksandrKlymenko
Sr. Development Manager at RWS Holdings PLC
Veracode has improved our product because we're gradually finding fewer and fewer issues through external security scanners or penetration testers. It plays an important role in the Azure quality assurance chain. We started using Veracode when it was supporting a 2017 standard. When the security standard changed to 2021, we received new issues.
View full review »Veracode has had a significant impact on our organization's ability to address flaws. The solution is capable of detecting issues and providing suggestions that assist us in rectifying problems within the code.
View full review »Ever since the implementation of Veracode, I have noticed that the processes for rectifying the issues in our pipelines have become much easier.
View full review »Veracode has had an enormous impact on our ability to detect flaws. It's risky if we don't have the capacity to detect vulnerabilities in the earliest stage of development before the applications go into production.
View full review »LF
reviewer1699062
Sales Engineer at a computer software company with 51-200 employees
It has had a very good effect on our organization’s ability to fix flaws. We are developing a new feature, and Veracode will help to quickly fix any flaws.
View full review »RB
Rajeev B.
Security Analyst at a insurance company with 10,001+ employees
Veracode has been fairly decent for fixing flaws. We have mainly been using it for SAST. For DAST, we have our AppScan from HCL, but Veracode is fairly decent for fixing flaws or trying to be proactive and ensuring all of our applications have been securely developed.
View full review »The security gate helps our developers learn how to fix vulnerabilities. The solution has also helped them save time in their efforts. It provides descriptions of how to fix certain items. It saves them from having to search on the internet for fixes.
View full review »Because we integrated Veracode in the build tool, we get immediate reports. We can get the reports of Veracode while completing the build itself, which greatly impacts the delivery. We can review the report. We can report to our developer and make changes immediately if we have high or medium-vulnerability code injections, like SQL injection.
View full review »SM
Swarup M
Security Analyst at a tech services company with 11-50 employees
Veracode introduced a new module named Veracode Fix, which automates the fixes for insecure software with AI-Generated secure code suggestions where the developer does not have to spend time searching and remediating the vulnerabilities. The developer does not have to spend time searching for vulnerabilities.
View full review »PB
Pradeep Honaganahalli Basavaraju
ML engineer at a consultancy with 10,001+ employees
The tool is great in terms of ensuring our code is clean, recommending best practices, and capturing the flaws in third-party components.
View full review »It's bringing clarity to the flaws that we can mitigate, and that's the main purpose. We can have a brisk conversation about the flaws. Not all flaws need to be fixed because there might be other protection measures implemented.
View full review »GR
Gangadhar Reddy
System Engineer at a tech vendor with 10,001+ employees
Veracode has improved our organization's ability to fix flaws, and fixing vulnerabilities has sometimes required us to develop new features. This has actually helped us and made our applications better.
View full review »Veracode has been incorporated into our process, which helps us fix flaws. Whenever we develop external websites, we consider the code, the scanning, and everything else involved. This ensures that we are prepared and have enough time to receive the scan results and fix any issues. We have essentially incorporated this into the lifecycle of our project, which I believe is very valuable.
View full review »CM
reviewer2296401
CyberSec professional at a manufacturing company with 5,001-10,000 employees
Veracode's reporting function and executive summary help us emphasize the security of our business-critical products to our business, which also helps us get sponsorship from our management to fix flaws and move forward.
View full review »Veracode has helped us fix flaws effectively. Our security teams enforce monitoring and fix deadlines for reported flaws. If a reported flaw cannot be accepted as a false positive, we must fix it promptly to maintain a high success rate.
View full review »TR
Tarun Revalla
Associate Software Engineer at a healthcare company with 201-500 employees
Veracode has significantly improved our speed in fixing software flaws. It has also transformed our approach to addressing issues. Previously, we spent considerable time investigating the root cause of errors in the code. Now, thanks to Veracode, we can devote more of our intellectual resources to directly fixing the system, which ultimately results in a more efficient product for our users.
View full review »AF
reviewer2333736
Cloud system engineer at a consultancy with 1-10 employees
Veracode has helped reduce our time to remediate security flaws.
View full review »Veracode is highly efficient at fixing flaws. A single person can go through and do a penetration test after collecting the data from Veracode. Instead of telling developers where the issue is, they can show them in the code editor for the static analysis. They can assign tasks to the team using Jira, so developers almost never need to do that work. They actually almost never go back and fix any of these vulnerabilities. That's why I was my company's most hated and most loved man. I forced them to do it.
View full review »KS
reviewer2381340
Lead Consultant DevOps and Infrastructure at a tech vendor with 5,001-10,000 employees
Veracode assists our application team in fixing flaws by identifying issues and guiding the team toward resolving them.
View full review »