Veracode Visibility into Application Status

Does the solution provide visibility into application status at every phase of development - Veracode Static Analysis, Dynamic Analysis, Software Composition Analysis, and Manual Penetration Test throughout your SDLC? If yes, how does this affect your DevSecOps processes? Please explain.

Rishabh Khanna - PeerSpot reviewer
Security Engineer at a tech services company with 5,001-10,000 employees
The solution provides visibility into application status at every phase of development. We can see and make adjustments accordingly at each level.
Zach Handzlik - PeerSpot reviewer
Release Manager/Scrum Master at Amtech Software
This solution provides visibility into application status at every phase of development. It goes from compiling the code all the way to running it in production. It covers all major aspects of the SDLC. We run static scans and SCA scans early on in the process to make sure that we catch any code that is insecure by design. If we are able to catch it earlier on, before it's actually out in the production environment, it reduces costs. The dynamic scans are run further along in our QA process. That is, once we've deployed the code and have it in a runtime environment, we run weekly scans in a dynamic environment against the code runtime to make sure that there aren't any new vulnerabilities that got introduced. We are looking at doing manual penetration testing in 2023, where we would be using a spinoff of the code that was released to the customers to make sure that there aren't any holes through which a nefarious actor could get in and exploit what was built.
SumalyaGuha - PeerSpot reviewer
Security Engineer at a comms service provider with 10,001+ employees
It scans at three different integration points or stages, so it helps developers to remediate their vulnerabilities before they have moved far in the pipeline. Shift-left is definitely possible through Veracode.
HM
DevOps Engineer at Barclays Technology
With this solution, we have visibility into application status at every phase of development including static analysis, dynamic analysis, software composition analysis, and manual penetration test throughout our SDLC. It is helpful for our DevSecOps processes because we get all the details before going into production. We can then talk with the design team and developers to fix any issues before going live.
DB
Security Engineer at a tech vendor with 10,001+ employees
The platform provides visibility into application status at every phase of the development - Veracode Static Analysis, Dynamic Analysis, Software Composition Analysis, and Manual Penetration Testing throughout our SDLC. In terms of DevSecOps processes, the solution makes them quicker and smoother, with less confusion.
Reyansh Kumar - PeerSpot reviewer
Technical Specialist at Accenture
The solution provides visibility into application status at every development phase throughout the SDLC; we can use Veracode during the development, design, testing, and implementation phases. We can easily analyze our code before commencing large production deployments and fix any issues.
AkashKhurana - PeerSpot reviewer
Senior Software Engineer at Publicis Sapient
Veracode provides visibility into the status of our application during every phase of development, including continuous integration and continuous development (CI/CD) pipeline stages. This includes builds, package creation for deployment, and various enrollment stages such as develop, queue, stage, above, and production enrollment. Prior to each stage, a Veracode scan is run. This can be accessed through Jenkins or the CI/CD pipeline by clicking on the Veracode scan option, which provides a detailed report highlighting any security issues and concerns.
Michea Mbaziira - PeerSpot reviewer
Insurance Agent at ICEA
Veracode provides visibility into all phases of development.
Hassan Saleh - PeerSpot reviewer
Managing Director at Century Bottling Company
Veracode provides insight into vulnerabilities at every stage, so your team can progress through the development cycle more efficiently. It improves developer confidence by showing us our capabilities and the potential of our code.
Shashank Niranjan - PeerSpot reviewer
Senior Software Engineer at Capgemini
Veracode provides visibility into application status at every phase of development, which makes it easier for our DevSecOps to do their jobs.
Geofrey Mutabazi - PeerSpot reviewer
Founder at a manufacturing company with 1-10 employees
Having visibility into the status of our applications at every phase of development throughout the software development cycle enhances our DevOps productivity and ensures a stable solution.
NS
Delivery Manager at a tech vendor with 10,001+ employees
Veracode provides visibility into application status, but we do not use it during every development phase. We only use Veracode before the code goes into production.
Avinash Mukesh - PeerSpot reviewer
IT Specialists at Soft Hostings
Veracode provides visibility into application status throughout the development process. It is easy to understand the severity of a threat, thanks to their clear and concise documentation. This documentation can be used to understand code, security, vulnerabilities, and project management. Veracode also helps ensure compliance with all industry standards.
VS
Sr. Web Application Security at a tech vendor with 10,001+ employees
It provides visibility to application status at every development stage.
AjitMatthew - PeerSpot reviewer
Principal. - Head - IT, Information Security and Admin at a consultancy with 201-500 employees
Veracode helps to provide visibility into the application's status at every phase of development. This helps us ensure that our code is secure from the start, saving us time that would otherwise be spent sorting through bugs at the end.
VS
Senior Manager Cyber Security at a tech services company with 201-500 employees
Veracode provides visibility into application status at every phase of development.
VR
Solution Architect at a tech vendor with 10,001+ employees
We utilize Veracode for static and dynamic code scanning in our software configuration and lifecycle management. It is integrated as part of our pipeline, allowing the code to be automatically scanned in the background. This enables us to review the reports promptly.
JV
Manager Consultant at a tech services company with 1-10 employees
Veracode provides visibility into the status of applications at every phase of development. It is one comprehensive integrated system, but we can also utilize specific features like SAST if we require it.
Saket Pandey - PeerSpot reviewer
Product Manager at a hospitality company with 51-200 employees
Veracode provides visibility into the application's status at every phase of development. Primarily, we were only conducting two types of tests. One was continuous integration, which keeps track of the entire application's deployment process. It detects any defects and ensures a smooth deployment. The other test we used to perform at certain times was manual integration. We would delve deeper and test additional aspects because we wanted to ensure with utmost precision that there were no vulnerabilities when deploying the application. Hence, we also had to manually utilize this program before deploying or pushing it to the code.
SR
Product Marketer at a media company with 1,001-5,000 employees
We get good, actionable insights at each stage, including static, dynamic, and penetration analysis, and it reduces overhead for us.
AK
LSA at a consultancy with 10,001+ employees
Veracode offers visibility into the application's status at every phase of development, including static analysis, dynamic analysis, composition analysis, and manual penetration testing throughout the Software Development Life Cycle.
Mahammad Azeem - PeerSpot reviewer
Application Architect at a tech services company with 10,001+ employees
Veracode provides visibility into the status of applications at every phase of development to a certain extent. Veracode scan reports present a comprehensive view of planned releases that are scheduled to go live in the coming days. To keep the team informed, we run a scheduled deployment, sending email notifications twice a week for each application. This alerts the team to any issues that may need fixing. However, it's worth noting that the system is not fully integrated into the pipeline and notifications. Nevertheless, Veracode offers an API. This interface allows us to obtain the XML result file, and subsequently, I can extract and analyze the values from the XML. Once the scan is complete, the Veracode API will fetch the XML report and store it in my workspace within the pipeline. From there, I can execute an XML parser function to obtain the application status results.
CS
Executive Assistant at a tech company with 51-200 employees
Veracode provides visibility into the application's status at every phase of development.
Robert Hood - PeerSpot reviewer
Information Security Architect at a tech vendor with 5,001-10,000 employees
Although Veracode can offer visibility into the application's status at every phase of development, we do not rely on manual penetration testing because we have our own testing team. Instead, we use SAST from the moment our developers start typing the code until the deployment phase.
Boyapati Sivannarayana - PeerSpot reviewer
Devops Engineer at Accenture
I'm not sure how much visibility we are getting using the solution.
Dipjyoti Roy - PeerSpot reviewer
Senior Devops Engineer at Thomson Reuters
Veracode has assisted our organization by providing a report that we can share with our developers, identifying vulnerabilities in their code. This enables them to address the issues before the code is put into production.
Oscar Narvaez - PeerSpot reviewer
COE Head at a tech services company with 1,001-5,000 employees
Veracode offers visibility throughout the entire development lifecycle. SecOps is an essential framework inside the organization currently because we need to deliver applications to market faster while improving code quality. It's crucial to be careful when using code generated by community sources. We need to test the final applications and also the components and packages in any code repository we use.
LF
Sales Engineer at a computer software company with 51-200 employees
Veracode provides visibility into application status at every phase of development. We can have many analytics dashboards and reports, and we can build a custom dashboard to have this visibility. This visibility is essential for DevSecOps processes. We need this visibility and information to have a strategic approach and mature our security.
Arnab Paul - PeerSpot reviewer
Cyber Security Consultant at a consultancy with 10,001+ employees
We do have a dashboard in Veracode that offers visibility into the status of applications. There is a section where we can view the application names, and next to each name, there is a status report such as "The SAST has been completed" or "in progress," and the same goes for DAST.
Sairam Bathini - PeerSpot reviewer
DevSecOps Engineer at Tata Consultancy
Veracode provides visibility into application status at every phase of development - Veracode Static Analysis, Dynamic Analysis, Software Composition Analysis, and Manual Penetration Test. We can get the entire application with all compliances.
SM
Security Analyst at a tech services company with 11-50 employees
The solution provides absolute visibility into application status at every phase of development. The users can get visibility through the CI/CD pipeline.
Freddy Bang. - PeerSpot reviewer
Chief Technology Officer at ELEARNINGFORCE International ApS
If you use it correctly and bring early feedback into the developers' environment, it provides visibility into application status at every phase of development... For us, it gives full insights. It changes the DevSecOps process because we find flaws much earlier in the development life cycle, and we also spot third-party software that we don't allow, already, at the developer's machine.
JW
Lead Product Security Engineer at a computer software company with 1,001-5,000 employees
Veracode provides visibility into application status in every phase of development.
GR
System Engineer at a tech vendor with 10,001+ employees
Veracode provides visibility into application status at every phase of development, but we must manually scan applications to check the assessment for a specific application or after deploying it to a particular environment. I think they can change this so it automatically scans for us.
CM
CyberSec professional at a manufacturing company with 5,001-10,000 employees
I am satisfied with Veracode's visibility into application status at every phase of development.
Vikas Agrawal - PeerSpot reviewer
DevOps Lead at HealthEdge Software, Inc.
It provides visibility into application status at every phase of development. We have our initial feature branch, or low-level branch, and then we commit. The pipeline is running, so we will know about things immediately. This is quite valuable for us.
TR
Associate Software Engineer at a healthcare company with 201-500 employees
Veracode provides comprehensive visibility into application security throughout the entire Software Development Lifecycle. During the coding stage, Veracode scans the entire codebase for vulnerabilities. Additionally, we utilize Veracode's static analysis capabilities for further security assessment. Once the product is published and deployed to the production environment, Veracode analyzes the entire software stack to identify any potential security risks. In short, Veracode plays a vital role in various stages of our software development and production process.
KA
Cyber Security Consultant at a computer software company with 51-200 employees
It helped us a lot in mitigating the vulnerabilities. We were able to proactively react to anything malicious.
AF
Cloud system engineer at a consultancy with 1-10 employees
Veracode provides visibility into application status at every phase of development.
Deepak Naik - PeerSpot reviewer
Chief Security Officer at Digite
The solution provides visibility at every stage of development. We have automated almost everything through integration with Jenkins. As soon as the developer commits, it triggers the static scan for the main branches. We don't need to trigger the scan manually or do a follow-up to see if it's done scanning.
Evan Gertis - PeerSpot reviewer
Penetration Tester at a tech vendor with 51-200 employees
To my knowledge, Veracode is the only real DevSecOps pipeline that captures every component of the software delivery cycle, from sandbox and staging to development and production. You need to go through those four phases and ensure the code is secure by the time it hits production. Veracode handles all those phases seamlessly and can be automated with Jenkins.
KS
Lead Consultant DevOps and Infrastructure at a tech vendor with 5,001-10,000 employees
Veracode can provide visibility into application status at every phase of development.