Veracode Competitors and Alternatives

Read reviews of Veracode competitors and alternatives
Checkmarx
Real User
Senior Manager at a financial services firm
Feb 23 2017

What is most valuable?

Scan reviews can occur during the development lifecycle.

How has it helped my organization?

It moved our organization towards being agile vs. waterfall.

What needs improvement?

The areas in which this product needs to improve are: * C, C++, VB and T-SQL are not supported by this product. Although, C and C++ were advertised as being supported. * There were issues in regards to the JSP parsing. * Defect report... more»
OWASP
Real User
Team Lead at a tech services company with 51-200 employees
May 02 2018

What do you think of OWASP Zap?

Primary Use Case Security/penetration testing of a Java-based Web application which is served over a SaaS platform. Zap has been integrated as one of the important tools in our QA cycle. All beta releases of our software go through Zap scanning. Custom reports are generated - they are pretty decent and standardized - and are submitted to upper management for auditing by a third-party. • Improvements to My Organization We save a significant amount of money on third-party security auditing time. We are also able to minimize most of the security threats for our software prior to releases, thus saving a lot of time on security fixes and post-release path builds. • Valuable Features Fuzzer and Java APIs help a lot with our custom needs. • Room for Improvement It would...
Real User
Senior Security Systems Engineer at a software R&D company with 501-1,000 employees
Aug 31 2016

What is most valuable?

* Ease of use and setup * Visibility into our environment

How has it helped my organization?

WAS gave us visibility into our externally exposed web applications and showed us vulnerabilities that we were not aware of and did not know how to test for. We didn't need any knowledge of these vulnerabilities or how they worked to scan for... more»

What needs improvement?

The organization of the assets was a little confusing and overwhelming. The system could also use some work in pivoting from a VM scan to add the servers with web applications exposed to the WAS server. It frequently created WAS assets that... more»

Sign Up with Email