I like the end-to-end learning experience. That also includes SAST. It has a low false positive rate.  

When a flaw is discovered, the information that they give and the links to get further information about how to remediate the flaws are actually quite good.

Using the Greenlight plugin makes everything simpler. It provides you with some examples of how you should implement a required fix for a flaw found in your code.

Veracode Security Labs is very good for providing examples of code vulnerabilities in a developer’s chosen language. This is important because if a flaw is found, then they provide me with a few examples of how to implement it. I don't need to go to Google and try to figure it out myself. They already provide me with some good quality examples that I can use to implement the fix.

They provide some links to other pages that have plenty of information. If a developer wants to learn more about a flaw, how to prevent that flaw, or a solution to that flaw, then they can find some information. If it is not directly on the Veracode web page, then they can find that information on links that the Veracode web page contains.

The most valuable feature is the identification of vulnerabilities in existing programming language functions.

We use the hands-on training labs and they are very important due to the nature of our software. Our software is mission-critical and for example, the product that I am working with is related to the software development lifecycle, and it's used by a lot of customers around the world. As such, it must work correctly and it must be secure.

These security assignments help us to enhance our customer experience and instill confidence in our programming practices. We are better able to detect and deal with vulnerabilities in code.

The hands-on training has helped us to tackle modern threats by coding with vulnerabilities in mind from the beginning of a project. It has improved our process overall, and the number of vulnerabilities has been reduced. 

Veracode provides examples of code vulnerabilities in different programming languages and this brings about awareness for our developers. When they work on projects, they learn to avoid those types of mistakes. 

The programming exercises help to illuminate common coding problems and walk developers through how to fix them. This is very important to us because our developers learn what can go wrong, how to spot problems, and how to eliminate them. It helps all developers learn to better avoid problems and related exploits.

The most valuable feature is the guided approach of walking the developer through the best way to fix the issues in the codebase. This approach is hands-on and extremely effective at teaching developers the right way to implement security controls.

Being able to view the codebase, and edit it in order to remediate the vulnerabilities is extremely powerful.

The best part is that this is all within the web browser, so the developer doesn't have to install any development environments or download anything to work through the training.

All of the features offered in this solution are valuable.

The features are extensive, which is why they are ahead of the game, and the reason I continue to use this solution.

The coding challenges were well put together and I was happy to see some of the challenges even had a built-in web browser. That made them very convenient.

The Atlassian integration is the most valuable aspect of this solution. Many other security platforms don't seem to have this feature or want an exorbitant amount of money to get it. Automated integrations such as these make compliance much easier to track and maintain. Additionally, the integrations help with agile processes such as DevOps. We are able to schedule things like scan submissions to Veracode that aids in automatic, regular scanning of our web application. Veracode also allows for customizing your corporate policy for things such as remediation deadlines.

The most valuable features are:

• Knowledge of how to write a secure application, like OWASP ASVS 4.0, that is spread across the web is gathered into one place. This can save months of learning and search on your own.
• It is possible to earn Veracode certificate levels one, two, and three, after completion of a defined amount of labs.
• It provides a complete review of vulnerabilities & possible fixes for OWASP Top 10 in one place.
• The Hack & Fix learning approach makes the learning process more interesting.
• Solve vulnerabilities using interactive labs & real applications with the language of your choice.