Veracode Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
Real User
Systems Architect at a tech vendor with 201-500 employees
Mar 26 2018

What is most valuable?

The most important one is the static scanning analysis, and the reason is that it can tell us vulnerability in that code, right before we go ahead and push something to production or provide something to a client. We pair that with dynamic... more»

How has it helped my organization?

We have a large developer base at our company ranging in a variety of skills sets. Some are very security aware, others really don't have the knowledge. What Veracode provides is really good feedback on what vulnerabilities were found in... more»

What needs improvement?

From a technical standpoint, I'm pretty happy with everything. The one thing I'd like to be able to do is schedule dynamic scans. Today we're kicking those off manually, but I believe that it's something have on their roadmap. Other than... more»
Real User
Director Security and Risk OMNI Cloud Operations at a tech vendor with 1,001-5,000 employees
Apr 12 2018

What is most valuable?

* The static scanning of the software is very important to us. * The ability to set policy profiles that are specific to us. * The software composition analysis, to give us reports on known vulnerabilities from our third-party components.

How has it helped my organization?

We do automated scanning, so we use it as part of our development cycle. We do both automated security scanning as well as our own automated testing. We run the two in parallel and treat both outputs of, let's say, a sales functionality test.... more»

What needs improvement?

It's really hard to criticize something that has become somewhat seamless for us. If they wanted to expand their capabilities into other areas of security, that would be fine. They're a very knowledgeable group of people. We do meetings with... more»
Find out what your peers are saying about CA Technologies, SonarQube, Micro Focus and others in Application Security.
287,741 professionals have used our research since 2012.
Real User
Information Security Engineer Team Lead at a hospitality company with 1,001-5,000 employees
May 02 2018

What is most valuable?

The reporting and mitigation features which allow our people to work on their own.

How has it helped my organization?

It has given us insight into the actual flaws that are out there, and the speed at which they're getting mitigated. Now, we're starting to see quantitative metrics to show the overall risk with code vulnerabilities. It has been very helpful... more»

What needs improvement?

The only areas that I'm concerned with are some of the newer code libraries, things that we're starting to see people dabble with. They move quickly enough to get them into the Analysis Engine, so I wouldn't even say it is a complaint. It is... more»
Real User
Global Application Security at a pharma/biotech company with 10,001+ employees
Apr 09 2018

What is most valuable?

The Static and Dynamic Analysis capabilities are very valuable to us.

How has it helped my organization?

We are able to create business policies, and the Veracode system allows us to enforce those policies. That's at the very high level. We're looking at improving the overall security quality of our software. We use it as a platform to help... more»

What needs improvement?

They've improved the speed of the inspection process. I'd never want the inspection process to become something that's suspect. False positives would diminish confidence in the results; if we don't continue to focus on reducing false... more»
Real User
Chief Technology Officer
Mar 15 2018

What is most valuable?

Certainly it eases integration into our workflow. Veracode is part of our Jenkins build, so whenever we build our software, Jenkins will automatically submit the code bundle over to Veracode, which automatically kicks off the static analysis.... more»

How has it helped my organization?

Firstly, it prevents me from putting out software that has security vulnerabilities, which is a big thing and can be one of the most important things. Also, we just finished a vendor due diligence with a very large company that wants to do... more»

What needs improvement?

The Web portal, at times, is not necessarily intuitive. I can get around when I want to but there are times when I have to email my account manager on: "Hey, where do I find this report?" Or "How do I do this?" They always respond with,... more»
See 31 more reviews

Articles

User Assessments By Topic About Veracode

Find out what your peers are saying about CA Technologies, SonarQube, Micro Focus and others in Application Security.
287,741 professionals have used our research since 2012.

Veracode Questions

Veracode Projects By Members

Veracode Consultants

What is Veracode?

Veracode is an application security company that offers an automated cloud-based service for securing web, mobile and third-party enterprise applications. Veracode provides multiple security analysis technologies on a single platform, including static analysis, dynamic analysis, mobile application behavioral analysis and software composition analysis.

Veracode customers

State of Missouri, Rekner

BUYER'S GUIDE
Not sure which Application Security solution is right for you?

Download our free Application Security Report and find out what your peers are saying about CA Technologies, SonarQube, Micro Focus, and more!

Sign Up with Email