Veracode ROI

Directord98b
Director Security and Risk OMNI Cloud Operations at a tech vendor with 1,001-5,000 employees
By implementing Veracode in our development process, what we've done is cost avoidance, not necessarily savings. By getting ahead of it, and releasing product to the market that's more secure, we have very few, if any, reported issues by our customers. So we don't have to go and do a maintenance repair of those. That's an avoidance of cost. It's a pretty accepted standard that if you release a vulnerability or a flaw into the market, it's going to cost you 10 times more to address it after the fact than if you prevent it. I'd say that that, plus the automation of the scanning, has also reduced the amount of capacity or full time equivalence we have to apply to repair and scan. As I said, we have 35 applications, and instead of having 35 different people preparing their packages for upload and scan, it's automated. We don't have to spend money doing that as well. So avoiding the cost of releasing vulnerabilities into the market that get caught by customers and reported back, is a big one; and then, reducing the investment of performing the continual scans. View full review »
Sebastian Toma
Engineering Security Manager at Nextiva
I do not have any information on ROI. We became better from an engineering standpoint, but I don't know if we saved a ton of money in the process. View full review »
Informat5dbf
Information Security Engineer Team Lead at a hospitality company with 1,001-5,000 employees
I can't think of any cost savings related to code fixes since implementing Veracode. We are mostly focused on using it for application security, which is a hard thing to quantify unless you have a major breach. View full review »
Find out what your peers are saying about Veracode, SonarQube, Micro Focus and others in Application Security. Updated: March 2020.
406,070 professionals have used our research since 2012.
ChiefInfaf47
Chief Information Security Officer with 501-1,000 employees
We are a state agency, so we're not for profit. I tell everybody we don't make money, we spend money. To frame it in the context of the public sector, I think we are giving our citizens peace of mind. When they come in to write a permit, and we send them to a service that collects payment, that jumping-off point is secure and safe. It would be more in those terms, rather than the bottom line. In the public sector, return on investment is not a term that is easily understood because we do not invest. But total cost of ownership is something that we can put our arms around. When we think about potential data breaches, Veracode has certainly helped us. When you think about the cost of the product and that I have one person, not ten people, running this tool, the total cost of ownership is low. I have no devices or servers, I didn't have to do any of that here onsite. It's all in the cloud. The total cost of ownership, given the services they provide, is very low, in my opinion. View full review »
Associat7de6
Associate Director
It has helped us reduce our overall time to remedy any validity, which can be found after being rolled out and put into production. Though, I cannot give you the number. It is always better to safeguard the environment rather than being hacked or have production downtime. In three years, we have not had any breaches or we seen any reduction in Shadow IT. View full review »
Elina Petrovna
Professor at BitBrainery University
Given the following: * Effectiveness of automatic detection of defects, taking into account bad fixes. * Effort to find and correct a defect during automatic detection. * Effort to find and correct a defect during post release. * Effectiveness of testing. ROI expressed as project savings is 2.4% of the project cost. View full review »
ChiefCom2e57
Chief Compliance Officer at a financial services firm with 51-200 employees
We don't do a detailed enough analysis to reflect on any cost savings relating to code fixes made since we implemented Veracode. View full review »
Terry Chu
DevOps Release Engineer at a tech services company with 51-200 employees
I can't report on any cost savings relating to code fixes since implementing Veracode in our development process, but it makes us feel more confident about our code, which is awesome. View full review »
HeadOfTe86f0
Head of Technology. at a tech services company with 11-50 employees
It helps us get over the line for security when contracting with customers, and any help reducing security vulnerabilities is a big help to us. View full review »
Find out what your peers are saying about Veracode, SonarQube, Micro Focus and others in Application Security. Updated: March 2020.
406,070 professionals have used our research since 2012.