Veracode Policy Reporting - Compliance
What is your impression of the solution’s policy reporting for ensuring compliance with industry standards and regulations, if applicable? Please explain.
Mauro Verderosa
Cybersecurity Expert at PSYND
Another good feature is the policy reporting for ensuring compliance with industry standards and regulations. We test compliance for medical devices, for GDPR, and for payment methods. These are all good. If you are not correctly prepared on one of these sets of regulations, you know that Veracode is going to take care of it. But we can also customize our own policy if we are facing a unique use case. Even if it's not really common, we can take a regulation and build it the way we want it to look.

Our code must be free of security flaws, especially high-level ones. Our software must be above a minimum threshold. Veracode has enabled us to see the quality of our code security. We need at least an 80 percent score. We are sure that our code is high-quality and that our clients won't see security vulnerabilities in the code when we ship it to them.

Justin Swanson
Manager of Application Development and Integrations at a university with 1,001-5,000 employees
It seems like it does a lot in terms of compliance with industry standards and

Jai Agarwal
IT Project Manager at Orange España
For compliance reporting, you can configure your organization's data privacy policies and your country's policies. If those policies are breached, it provides you notification that something is not meeting the policies that you have set, so you can easily identify those cases and take corrective measures.

The solution's policy reporting allows us to set our standards, group policies, and regulations, so ensuring code compliance is part of its analysis. Veracode notifies us if any flaws are detected, allowing us to take action to correct them.

I rate Veracode's compliance features a nine out of ten because it provides detailed reports after each scan about potential regulatory violations.

reviewer2131128
Application Security Engineer at a financial services firm with 1,001-5,000 employees
I was also able to create some policies in line with PCI requirements and our local standards. Veracode flags and maintains those policies. The policy creation part is important.

Veracode has also really tried to make sure that they comply with any standards and regulations, and the process is quick and quite straightforward. That has had a very good and positive impact.

Veracode's policy reporting is helpful for ensuring compliance with industry standards and regulations. Veracode's solution plays a major role in achieving compliance, including HIPAA compliance. Without Veracode scans, identifying security threats and third-party dependencies would be a tedious task for DevOps professionals.

The solution allows us to ensure compliance with standards and regulations.

The main advantage of using Veracode is the assurance that we are developing stable, secure, and fast solutions that are free of risks. This provides us with a clear picture of our progress toward our goals. Veracode helps our developers by providing remedial action and reports in various formats, ranging from summary to detailed. This allows us to customize our reports and share visually appealing reports with the team.

Veracode's policy reporting for enabling compliance with industry standards and regulations can be a bit complex for beginners, but it is much easier and quicker for experienced users.

reviewer2187363
Sr. Web Application Security at a tech vendor with 10,001+ employees
The most essential part is Veracode's PCI compliance policies. We need to make sure our code is compliant. Veracode's policy reporting features are effective at ensuring compliance with industry standards and regulations.

Another important factor is the policy reporting for ensuring compliance with industry standards. We generally work with big companies in Brazil and, for them, maintaining the required standards is imperative. The policies can help achieve those standards.

reviewer1510059
Solution Architect at a tech vendor with 10,001+ employees
Veracode has helped us improve the way we conduct static and dynamic code testing in our organization. Based on the reports we receive, we can quickly identify what needs to be fixed immediately after the scan. For minor issues, we are given time to address them after moving into production, but for major issues, the application is unable to enter the production phase.

reviewer2183154
Manager Consultant at a tech services company with 1-10 employees
Veracode's policy reporting for ensuring compliance with industry standards and regulations is excellent. We only need to specify the regulation we must comply with, and the report will be generated instantly.

Veracode's policy reporting for ensuring compliance with industry standards and regulations is commendable. They dedicate ample time to conducting thorough research and executing internal campaigns. Instead of hastily releasing new features and language support, they meticulously perform six to nine-month testing to ensure proper formatting and functionality.

Brian Felker
Application Security Engineer at Advantasure
Their policies are relatively helpful for compliance. The policy configuration tool works well. We try to use one policy to cover all our applications. Once we've configured the policy correctly, it does an excellent job of applying that to each application and ensuring compliance. Veracode provides good visibility, and the reports are integrated, so we get insight into each type of scan.

Veracode's policy reporting for ensuring compliance with industry standards and regulations is on the mark. Everything was proceeding as it should, with adherence to the established procedures, protocols, and reporting mechanisms by both the organization and the support team. At no point did we feel that the industry standards were compromised.

reviewer2067186
Product Marketer at a media company with 1,001-5,000 employees
The compliance reporting is a great feature because there are a lot of different frameworks and channels, and each unique channel has its individual compliance monitoring and policies. Veracode helps us prepare for all the different challenges.

Anand Kumar
LSA at a consultancy with 10,001+ employees
Veracode's policy reporting for ensuring compliance with industry standards is excellent. The report helps us maintain our compliance.

Shahnawaz Azam
Manager IT at a tech company with 201-500 employees
Veracode provides compliance reporting so we can identify issues without having to rely on complaints.

Stephen Cook
Systems Engineer at Shift movers
It streamlines compliance, policy management, and reporting on various data analytics. We use it daily to gain insight into our work processes.

reviewer2249226
Executive Assistant at a tech company with 51-200 employees
Veracode's policy reporting for insurance compliance with industry standards and regulations is good. We can integrate numerous reports, and the positive reporting feature is also highly commendable.

Veracode's policy reporting for ensuring compliance with industry standards and regulations is excellent. It is applicable to us as a multinational company with PCI and HIPAA requirements, and we also engage in government projects. Consequently, we are obliged to adhere to any relevant regulations, which is why we have implemented numerous policies that automatically alert us when any action might potentially violate the established guidelines.

OleksandrKlymenko
Sr. Development Manager at RWS Holdings PLC
We are using our internal policies for the WAF Security Standard, but it isn't an industry-wide policy. We are not using PCI DSS, etc., but it shouldn't be a problem to comply with that stuff. For example, PCI DSS isn't applicable to our case because we aren't managing any credit card data, working with medical devices, or doing anything involving the military. Some standards aren't applicable.

I work in Latin America, and there are regulations on information security and the use of customer information. The most vital areas are things like health information and finance. You can face penalties for failing to protect customer information, so it's critical for us to secure our code during development. Any vulnerable code or application component can risk disclosing customer information from customers and allowing an outsider to penetrate the systems or databases.

reviewer1699062
Sales Engineer at a computer software company with 51-200 employees
Veracode is very good for ensuring compliance with industry standards and regulations. We can have many dashboards and reports related to policy management.

Using Veracode policy regulations, we can offer predefined rules. When setting up any application, we establish the application name and other necessary details. Following this, there is a section where we can input this information. Essentially, there exist predefined regulations which we can either directly utilize if they suit our needs, or adjust them based on the requirements of our project team. Therefore, we have a pre-existing set of rules and functionalities available.

We are satisfied with the solution’s policy reporting for ensuring compliance with industry standards and regulations.

Pradeep Honaganahalli Basavaraju
ML engineer at a consultancy with 10,001+ employees
In my organization, we have a policy in place. Every company has a different policy; at least our company has specific requirements where we expect everyone to build the tool or the software to some extent, following some best practices.
Veracode helps us embed those policies into the scan. When we run the scan, the administrators have already set the policy, defining what needs to be checked and what can be ignored. It helps us when we run the scan because it provides a score based on the policy level. This score certifies how well the tool has scanned the code.

The solution’s policy reporting for ensuring compliance with industry standards and regulations is good.

Its policy reporting for compliance is also very good. It meets our needs.

reviewer2287986
Lead Product Security Engineer at a computer software company with 1,001-5,000 employees
The policy reporting is incredibly robust.

Gangadhar Reddy
System Engineer at a tech vendor with 10,001+ employees
Veracode's policy reporting ensures compliance with industry standards and regulations. It also provides a detailed report with multiple options. We can easily generate a report of four to ten pages, or even a one-page report. I really like the way Veracode generates reports on assessments. It's my favorite feature.

reviewer2296401
CyberSec professional at a manufacturing company with 5,001-10,000 employees
I am using Veracode's preconfigured policies because I find them useful and complex.

Overall, I think it's great that the firm can configure certain policies to monitor applications, and the flaw report also enables us to see the flaws that need to be fixed to become compliant, which is a good feature. From Veracode's perspective, everything looks fine.

Another aspect that is quite good is the policy reporting for ensuring compliance with industry standards and regulations. Initially, we were using freeware tools, but we are quite impressed with how Veracode gives the most detailed and latest vulnerability and security information.

Tarun Revalla
Associate Software Engineer at a healthcare company with 201-500 employees
Veracode's policy reporting for ensuring compliance with industry standards and regulations is good. Veracode covers a vast majority of industry standards and identifies areas within our code that don't comply with those standards, providing remediation suggestions.

reviewer2333736
Cloud system engineer at a consultancy with 1-10 employees
Veracode's policy reporting for ensuring compliance with industry standards and regulations has been positive for our organization.

The solution's policy reporting for insurance compliance with industry standards and regulations is very helpful. It's fast as well. The team helps us at every step of the product life cycle.

Veracode aligns with SOC, ISO, and other types of certifications. It helps with compliance that Veracode has all these reporting formats.

None of these executives believe anything these users are saying until they can see the results. They want that dashboard report. In less than three weeks, a junior security engineer can learn to create a dashboard easily that will allow the organization to stay on top of the most important things. They need to show the stakeholders that we're doing something here. They'll get the certification and see the dashboards. You now have something that's actually worth $2,000. With these other ones, who knows what you'll get.

reviewer2381340
Lead Consultant DevOps and Infrastructure at a tech vendor with 5,001-10,000 employees
Veracode's policy reporting is valuable because it provides two key benefits: first, it generates a security score for our application. Second, it offers comprehensive reporting that details both the vulnerabilities found and the potential risks they pose to our application.