Veracode Primary Use Case

Sebastian Toma
Engineering Security Manager at Nextiva
Our primary use case of this solution is for static and dynamic analysis along with the source gear for the third party dependency (not IDM). We were looking into actually moving towards IDM, but that's the extent of my knowledge. They are licensed as two separate products. They're part of the same platform, but they are licensed separately. We have Veracode, Veracode Developer Training, Veracode Software Composition Analysis, and SourceClear. SourceClear and SDA are pretty much the same. They just support different languages. Veracode as a whole, the top option, is the one that includes everything. View full review »
Chief Information Security Officer with 501-1,000 employees
We use it for static checking. View full review »
Sr. Security Architect at a financial services firm with 10,001+ employees
We are using Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Static Component Analysis (SCA). We use different types of scanning across numerous applications. We also use Greenlight IDE integration. We are scanning external web applications, internal web applications, and mobile applications with various types/combinations of scanning. We use this both to improve our application security as well as achieve compliance with various compliance bodies that require code scanning. View full review »
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
426,617 professionals have used our research since 2012.
Divakar Rai
Senior Solutions Architect at NessPRO Italy
I have used this solution in multiple projects for vulnerability testing and finding security leaks within the code. View full review »
Vice President of Technology at Cogniphi Technologies Pvt Ltd
We used it for performing security checks. We have many Java applications and Android applications. Essentially it was used for checking the security validations for compliance purposes. View full review »
Riley Black
Senior Security Analyst at a health, wellness and fitness company with 1,001-5,000 employees
Veracode is a cornerstone of our Development Security Operations Program, particularly scanning automation and remediation tracking. We've been able to monitor the release cycle and verify our Security Standards are met by setting policy and ensuring scans are taking place. If a scan fails to meet our standard the build breaks and the flaws are remediated before releasing to Stage and ultimately Production - where the potential impact is much more costly. We have discovered opportunities to make our code even better thanks to Veracode! View full review »
Rick Spickelmier
Chief Technology Officer at a tech vendor with 201-500 employees
We use it for security scanning of SaaS and mobile software that we develop: one server-side and two mobile applications. Most customers require SAST and DAST scanning in order to purchase. View full review »
Managing Principal Consultant at a tech vendor with 11-50 employees
Our primary use case for this solution is application security. View full review »
Evan Christoe
AVP, IS Manager with 1,001-5,000 employees
We use Veracode to scan custom-developed code for flaws. View full review »
Software Engineer at a financial services firm with 501-1,000 employees
This was intended to scan all of our custom development efforts to ensure a certain level of (secure) code quality. Right now the scope of that effort is limited to web exposed systems but with maturity, we hope to increase that scope. View full review »
Michael Ward
Managing Director at Harrods
We are planning on introducing a static code analysis tool to support a DevOps effort in our environment. The objective of the solution is to allow the team to identify vulnerabilities in the source code and improve the hygiene of the developed code before deployment. View full review »
VP Engineering at a tech services company with 201-500 employees
Our primary use cases are for comprehensive security assessment using static analysis, dynamic analysis, source code composition, and manual penetration tests. We also use it for security training for developers. View full review »
Michael Stricklen
Executive Director at Parthenon-EY
* Scanning web-facing applications for potential security weaknesses. * Helping to document the introduction of technical debt in our code bases. View full review »
Team Lead / Architect at a tech services company with 1,001-5,000 employees
I use Veracode to run scans on .NET applications, web applications and Windows/fat form applications. I also use it to make deployments in three-tier environments: the application server tier, web server tier and the database tier. View full review »
Ashish Kulkarni
Manager at Wipro Technologies
Static application security testing, which is the primary use case. There were different web applications which were scanned using this tool. View full review »
Learn what your peers think about Veracode. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
426,617 professionals have used our research since 2012.