Veracode is capable of scaling to accommodate the needs of large organizations.

Veracode is scalable but the performance can be slow when running scans so the larger we scale the slower it can be.

The solution is as scalable as required, but we must pay for that. 

It is a scalable solution. Veracode has a concept called Sandboxes, which is an amazing feature and pretty useful. I can kick off multiple scans, and they all run independently. There's no interference between scans. So, it's highly scalable, and we haven't had any issues with it. It is good.

For our team, we currently use it for two projects.

The scalability is excellent because we utilize Veracode on their cloud infrastructure, and we handle dozens of projects daily.

Veracode is scalable.

Veracode can handle lots of processes, so I would say it is scalable.

It's pretty scalable if our enterprise has the licenses for scaling the applications. I haven't faced any issues with regard to scalability, apart from licensing, of course.

Veracode is scalable. I give the scalability a ten out of ten.

The product demonstrates impressive scalability within our dev landscape. We can easily increase code volumes, and it scales to meet our growing demands.

We have not had any issues with scaling. It has a good amount of scalability for enterprises. It appropriately accommodates growing code. 

We haven't had any issues with scalability. That said, currently we are not scaling. Previously it was fine. Currently, we're not scaling. 

Veracode is scalable. We have between 300 to 500 users.

We have about 500 end users of Veracode in our organization.

I'd rate the scalability ten out of ten. It's very good. 

Veracode is scalable.

The scalability is really good. I recently added to the solution some new applications that I learned about late in the game. There were probably 10 that I had to add in rapid succession and scan as well. It was very quick and painless.

I don't have any concerns about scalability.

The solution is highly scalable. We did run quite large programs through Veracode, and we also ran quite small programs through it too, and we didn't encounter any issues in either case.

I believe the solution is scalable. I remember a time when we were working with four clients in total. Even though our agreement with Veracode was not to exceed three projects, we were able to manage that, and everything went smoothly. They were even able to implement registration. This probably occurred due to significant delays in one of our projects. I was able to onboard the next client, which means we were working with four clients at that time.

The cloud version of Veracode can scale according to the file size.

The solution is scalable; we're a global telecom company, and we use it to scan every one of our over 2000 apps. 

Its scalability is good. It is cloud-based. Whenever the application load increases, it is scaled automatically without an issue. We have plans to increase its usage in our future application process.

There are 35 to 50 users based in diverse geographical locations. We have Java, Python, and .NET applications running in the cloud. We also have some in-house cloud-based applications running on the AWS platform.

We are using the SaaS offering, so it is pretty scalable. I would rate it a nine out of ten in terms of scalability. 

And it is scalable enough. You can integrate it with third parties to come up with a meaningful solution.

Veracode is scalable. We use Veracode in multiple departments. Ten people in our organization use the solution.

We have about 230 users. 

I've used Veracode in a telecommunication company with a huge environment and more than a hundred applications. I don't have experience with smaller-scale use cases, but I know the cloud is quite scalable. 

Its flexibility is very less. It is a very rigid application. Currently, we have six users of this solution in our organization.

I found Veracode scalable because it supports a variety of platforms. Though the support for other platforms is less, Veracode has been incorporating more support over time and offering other solutions as well.

If you're unable to set up the solution, the Veracode team has a consultation call to help you set up the solution. The team would even raise set-up-related issues with the Veracode engineering team, which was how I reached Veracode Technical Support, which was a good experience.

It is a scalable solution.

Though Veracode Static Analysis is primarily available in the USA, we scan our company from multiple locations. The solution may have a huge number of users, but our company supports 30 projects with the help of the solution, which includes scanning for 30 microservices. I am unsure of the actual numbers regarding the solution's use since it is handled by someone else in my company.

The license provides for scalability, so it's just a matter of connecting more users. We don't need to think about it, which is good.

The scalability is "medium" because one of the things I've been having to do now is scale out more of the microservices by tier so that I can verify that the code is correct per tier. For me to scale up like that seems to be taking a lot of effort. I might be doing something wrong. Maybe it could be solved in a different way. But the scalability is average. On a scale of one to 10, I would put it at about five.

We do have plans to use more of Veracode. We are expanding into the SCA, where it is scanning the containers, and we've also just contracted with Veracode to do penetration testing.

The scalability issue is a good question because it's not too fast, but it's scalable because it's cloud-based.

We use it for 10 critical applications.

Our security team of three uses the solution. 

It's great for scaling. We can use it on multiple projects which involve multiple security flows.

Veracode scales sufficiently.

Veracode is very scalable from the perspective of ERP applications, though we aren't sure if other clients have applications larger than ours. For reference, we have five million lines of code in our application.

Veracode is scalable. To increase the scale, we simply need to increase the number of licenses.

We haven't had any scalability issues with our current scan volume, but we're a medium-usage client. We have more than 30 static scans and 12 to 15 dynamic scans and don't seem to have issues with performance. 

The scalability is neutral because it lacks some integration. We have 12 end-users within our software and engineering departments.

Veracode is scalable.

We have about 30 to 40 developers using the solution. We use it on a weekly basis but I can't comment on whether we will increase our use of it. That depends on our product.

Large enterprises are probably following a very different practice from what we're following. I think that smaller organizations are going to have an easier time using something like Veracode because of the flexibility of the different API tools that they have available. An enterprise might have a more complicated time scaling it. The issue with that is that the enterprise is probably going to use a proxy and having to deal with the networking issues, it's going to become very difficult for that to scale. However, in a small company, those situations are mitigated pretty easily by getting two or three people together. So we move through those very fast, we're extremely agile. We're always forward moving. We're always rapidly developing. I think each company has its own specific way of handling scalability, it's always been easy just because we're a very collaborative team. We know how to work with each other and we're always receptive to each other's feedback. I can't really speak for other companies, but I can tell you that we find it pretty scalable. That's really just our culture though.

I run all of the administration and I direct people in what needs to be done. So, that's about it. In total, about seven people are really using it.

We are using it to its fullest extent. Even the manual penetration testing aspect of the platform is very useful. The manual penetration testing aspect of the platform is something that would be nice to incorporate because the cost is significantly less than other security companies. For example, InfoSec is about $3,000 more than Veracode, for any organization that wants an all-encompassing security platform. But what we get with Veracode is a platform that provides software composition analysis, static code analysis, Docker Container Scanning, manual penetration testing results, and dashboards that show the progress for moving through all of those issues. And that's probably the most important aspect of the platform.

Once they introduced the prebuilt dashboards that really reduced the amount of friction with upper management. Typically, my mentor said that almost all issues in any business organization come down to personal relationships and opinions, so when Veracode introduced those dashboards, it removed the ability for people to give opinions about what was being done and what wasn't being done.

We're driven by facts as people, so we can look at those metrics and say, "This is what's actually getting done." And there's no ambiguity. Then really that just removes all opinion from any sort of conversation.

Veracode is easy to scale.

For small and medium-sized projects, it's quite scalable. You can use the sandbox scanner they provide, and it is fine. But for large applications, it is not scalable. We do manual uploads, and this is not scalable.

I believe Veracode is scalable, but I am not certain.

It is a scalable solution. We can implement the tool in different DevOps environments and projects, because of which we can create groups of applications and apply different policies to application groups, making it an enterprise-level tool. Scalability-wise, I rate the solution a ten out of ten.

Veracode is scalable.

It's scalable. It's used by the IT security and software development teams. We have four end users using the product remotely. We have the development team, and we have the IT security team. It's mainly used by these two departments, and each department is comprised of two people. 

We are an enterprise-size company and I know that our security employees are using Veracode and some of the developers as well, but I don't know to what extent developers are using it. It's pretty widely used across our organization.

Veracode is scalable, but we haven't scaled it up. However, I expect it will work well when we do.

It is scalable.

It is used by our North American region, EAMA, and Asia-Pacific, with 40 to 50 users.

We didn’t face any issues with the solution’s scalability.

Veracode has good scalability. In our organization, Veracode is used only by our team, which consists of seven members.

I haven't had a scenario where we've had to scale it.

We can scale Veracode from one to thousands of applications within a minute.

Veracode is used by some of our customers for individual applications, as well as by others for thousands of applications.

It's a scalable solution.

We have it implemented in two offices, the main office in the US and a single office in India. There are only 10 to 12 people using it in our organization, meaning in India. I am not aware of how many users there are in the US.

At the moment, it is hard to implement on our pipeline. Therefore, we need better scalability, as it is quite hard to scale it to bigger projects because then the scanning will take a lot more time.

We use it on-prem, so I'm not sure whether it can be scaled. It's just one endpoint that multiple people access.

Veracode is scalable. Veracode is used by around four people in our organization.

We use it on a couple of different projects, and we plan to move to the cloud. They have a cloud option that makes it scalable.

The scalability is very good. 

Our users are developers and security testers, predominantly. The number of people using it depends on the project. Sometimes we have 10 people on it and at other times we might have only five.

The teams that work on it take care of maintenance, so we do not need any additional team to do that. We also have a center of excellence that takes care of things.

Since it's a cloud offering, we don't have to worry about its scalability.

We don't utilize our current offering to its fullest, so we don't have plans to expand use of it.

We have not deployed it on our on-premise system, so it is quite scalable. There are no issues with that. I would rate it a 6 out of 10 for scalability.

It is scalable. The agents were deployed on about 2,000 machines. For administration, we had a SOC team. It was filler work for them, but we had a team of 13 people.

Veracode can scale based on the price tier selected. I would rate the scalability of Veracode a nine out of ten.

Veracode is scalable, and we have not had any issues with the Microsoft and Solar components that we use. It has always worked seamlessly, and we have the ability to scale up to 15 components on our end.

It is scalable enough.

We have not run into an issue with scalability yet. Veracode was built based on application counts and not users, which is what a lot of the competitors do.

We have some 300 people using Veracode. Some are executives while others are engineers actively working in Veracode. 

Manual Penetration Testing looks relatively scalable. We won't know those things until we get a critical mass of people testing all at the same time. We have around four teams that are scanning continuously, or on a fairly regular basis at this point. So.

I was not involved in any scalability issues or concerns with Veracode Static Analysis. The scalability requirements for this solution would be easily met because it's a SaaS application, so it's supposed to be very scalable for customer needs. I would not expect much trouble regarding its scalability.

We have not had any scale limitations thus far, not even close. Maybe it's the size of our repositories and what we do, but for our needs, it has been super-scalable.

It's being used by all my teams now. I'd like it to be used even more often by building a tighter integration into our regular SDLC practices. I'm hoping that that happens over time. That is one of my focal points as I start to plan for next year.

We are not going to scale it right now. We have about 18 developers and five or six administrators using the solution, and I don't expect that will change for now. But you can purchase more licenses. It's definitely scalable in that sense.

We have it in a single location only and it is used across three or four development teams in our office.

We have approximately 900 people using the solution.

The solution is scalable, but there is a high cost attached to it.

Veracode Static Analysis is a scalable solution. My company has between one hundred fifty to two hundred microservices, yet the tool can scan cost-efficiently without issues.

We have got 5 million lines of code and it hasn't choked at all but seems to run just fine.

We have approximately 40 users and most of those are frontline engineers. Additionally, we have security officers who use it to run reports and team leads that use it for training. We plan to increase our usage when we have new deployments.

I rate the scalability of Veracode Static Analysis a ten out of ten.

I can't specifically speak to scalability because we only engage with them for a single product. However, I do think that scaling might be expensive and is probably something that needs to be negotiated.

Scalability is the main issue with Veracode. For my company, the outlier is out there, but when it comes to scalability, we had issues with automatically scanning springboard artifacts. If you scan the artifacts, they want the artifacts to be packaged in a specific way. This is very well documented on the website but it's not the way we're doing business. 

The workaround was taking the build that was getting put together by Jenkins and moved through the environment. We had to make a separate one, packaged differently just for the tools to work. For the scans to work, if that makes sense. Maybe we are just weird in the way we package our artifacts but maybe many are having the same issue.

We have about 200 engineers that have user roles in the solution. There are different roles. We have security administrators. We have team leads. We have managers. Their roles are all very well put together. Each team has a manager that has access to more features than the rest of his team. They can create things, delete things, compared to the regular guys that can only see the reports. It's very well structured, from that standpoint.

Theoretically, everything is integrated with Jenkins, so the staff depends from one application to another, i.e. three people or eight people from our side. From their end, in our pricing model, we have access directly to an account manager. They have a team of engineers that usually help us if we encounter any issues. It's very extensive in use. We have about 80 services and applications going through using the scanning solutions that Veracode has and we are scaling up.

The scalability of the product depends upon the pricing. The price is a bit high for a small company. It is suitable for a large company.

It's scalable enough. Veracode is being used in the engineering department. It's being only used in one department by two people. It's a developer tool for developing solutions faster, troubleshooting, and debugging.

We use Veracode for all of our software development. We have more than 100 engineers, and our entire engineering team is using it. Obviously, every team has some designated people who look at this more than others, so not everybody's in there every day, but in terms of the software we write, we know that it's all being scanned constantly.

Over the last few years, we've made a couple of acquisitions of other companies and when we've done that, we very quickly brought those solutions in as well. We've seen the value and because of that, it's part of our onboarding process when we integrate other companies into our environment.

If we create another solution or we acquire another company, we will certainly expand our use of Veracode to match within our current solution stack.

There haven't been any issues with multiple users logging in and slowing it down. It has just been inherently slow. 

If they need to scale back-end infrastructure to make the scan faster, then they should do it. Apart from that, there are no issues to mention.

One person can just start a scan. In our case, the DevOps team does it. They configure it once, then do it. However, the cycle takes time, depending on the codebase size, to look at an issue, identify if there are true positives, and then work on it. It is one person's almost full-time job.

I have a team of around six security professionals team who work on Veracode and use the tool. Two of them are team leads, two of them are senior developers, one is a DevOps engineer, and another one is a junior developer.

No scalability issues that I'm aware of. 

The tool is scalable.

I haven't experienced any scalability issues so far. This is likely because the job is always the same and the files we upload remain the same. We haven't had to change any parameters in the input, so scalability hasn't been a concern.

It is pretty good in terms of scalability. There are many users of this solution. There are also many customers of Veracode. We had around 1,000 plus users.

I would rate the scalability of Veracode nine out of ten.

I can't say anything about the scalability of this solution because we are not bothered about keeping its infrastructure up and running. We use Veracode Cloud, and we are not supporting or deploying it. It is just a service for us, and we consider it as a service. We submit the information and receive reports back from that solution.

In our project, every night, we are currently scanning our development branch and three versions of our releases. We have four applications, and I believe that from my team, at least 15 scans happen every night. We have a partnership with another company that provides a part of our functionality. They provide releases to us to embed in our solution. We also do the scanning for their part and inform them about the issues that we've found.

We will increase the number of scanned versions because with each and every release, during the support period, we're supporting versions of our product, and we're also fixing the security stuff. We will be increasing the volume of scans, but it will come to a logical point. When a version is no longer supported, we will definitely remove it from Veracode. So, all in all, at any moment in time, I foresee four or maybe five versions to support multiplied by four applications. There is also a development branch for each application, so there will be around 20-25 automated scans per night.

Given that is is cloud based, coupled with their newer app-based internal scan model, we are pleased with the scalability and have not experienced any issues with scale.

It has lots of growth potential, lots of room for improvement.

Veracode supports scaling up whenever we want to keep up with our growing app portfolio.

I would rate the scalability of Veracode eight out of ten.

It is very scalable. I help other companies to deploy. Some of them are small, and some of them are big.

It is also very scalable.

It appears to be very efficient when it comes to scalability. We're a smaller shop, so I may have a different interpretation of what scalability is. We're under 100 licenses at this point, but so far we have had success.

The solution is scalable but if we scale too far then the performance is impacted. We have around 300 developers using Veracode. 

SCA scales well. 

Most of the users are developers, about 90 percent. 100 to 150 employees are using Veracode as of now.

We have more than 30 applications. Some use it on a daily basis, then others use it on a biweekly or monthly basis.

We do have plans to increase usage. All our developers across our organization, across the globe, will start implementing Veracode within all their platforms or applications that they are developing very soon.

I think the opportunities for scalability are good because we did not come upon issues that caused us to wonder about its limitations. We have not really pressed to find scalability problems. So my impression is that scalability is good. We did not experience issues due to bottlenecks or anything like that.  

Our group of users contained a mix of roles. It was developers, project managers, testers, information security analysts, and engineers. It was probably a total of around 30 to 40 people.  

For deployment and maintenance, there were really just like a couple of people. There was not a full-time dedicated need for it.  

It is scalable. We had about 500 applications, out of which 200 were being scanned regularly. It was in the AWS infrastructure and it was quite scalable. The elasticity was all taken care of. We were scanning a huge set of enterprise products.

We had roughly 2,000 Veracode users. Generally they were developers but there were QA people, as well as the program managers because they needed to add the vulnerabilities and see the health of the product. We also had security champions to advise the product teams on their scanning and vulnerabilities. In addition, general security also accessed it to provide consultation on how to fix vulnerabilities. We were able to give privileges and access control based on each individual.

We stopped our use of Veracode on November 1st, 2020, about 30 days ago. But when we were using it for the three-and-a-half years, the usage was very extensive.

We will be using more of our products in Veracode starting in January. We added one more application into the dynamic scan and we added a couple more manual penetration tests to our projects. Once you understand how it works, it's very easy to deploy to different applications.

In terms of increasing our usage of the solution, we probably won't for the next couple of years, but we never know. It really depends on the requirements that we have from clients and the requirements of the standards and the regulations. Now, we are covering most of the applications and use cases that we need. We are doing 100 percent of the code base. We are doing dynamic scans on all the URLs in production, and the manual pen tasks are also covering all the applications.

We are doubling the ACV with Veracode for 2021, and that's a lot. After that, we're going to be good for the next couple of years, unless there is something new and the Dev team needs to use some other feature that I'm not aware of at this point.

For the dynamic scans I have a couple of people from the technical support team and one person from operations. For static scans, I have my entire iOS and Android team because, depending on the type of flaw, the ticket is given to different developers. I have about 20 to 25 Veracode users.

More than 100 people are using the Veracode solution in our organization. Mostly, the guys who use Veracode are developers, QA engineers, product owners, Scrum Masters, and some data scientists.

We have a three-person team of security guys who maintain the entire service. The security guys have automation skills and can write the code. We are one squad in a company out of 21 squads. We are a security who helps other development teams with Veracode as part of their DevSecOps.

We have adapted Veracode across three line of our client's business. In the future, we may expand Veracode into more lines of business. 

One of the best things they offer is the scalability. The fact that you can work with it through the cloud means that if you have unintegrated business units, you don't have to worry about having a solution on-prem and having the network connection; you don't have to worry about giving up source code, you are just sending your binary files for most of the applications. So it scales much faster.

Veracode is highly scalable. We have not had any issues with scalability. 

It is scalable.

It is a scalable solution.

We have about 40 developers but we use this product per project rather than per developer. All our projects will pass through this product. At any given time we have about 10 to 12 projects going on. Outside of developers, it's just the five security team members who also use Veracode.

Any increase of usage will be based on the business and if there are more software projects. Whenever there are additional software projects, we will then increase our usage.

Veracode Static Analysis is a scalable solution.

We have approximately 10 people using this solution in my organization. However, we do not use it daily.

Platform scan performance has improved over the years. Refrain from putting too much in your application package for scanning such that you keep a reasonably short scan time.

Veracode needs a more standard microservice pricing strategy such that optimizing SaaS solutions into microservices from monolith applications is not penalized. 

There's nothing to scale. Asking if the solution is scalable or not isn't applicable in this case. It's not an active load balancer. It's just a static scan. If it was dynamic, there may be a question around scalability, but it is not.

Veracode can scale to meet our maximum requirements.

It's a scalable product. My rating out of ten would be a ten, scalability-wise.

We have a software development manager and three other people who are using it.

We have deployed the solution to FinTech or technology medium-sized companies with more than 100 employees.

Aside from the licensing, no issues with scalability.

We don't have to do anything to scale, because it's SaaS. 

We started with a smaller number of users and then we extended to full single sign-on.

Scalability is almost infinite in this because the cloud-based solution allows me to expand. The companies I work for are generally in the 10 billion-plus range, but with thousands of developers we have never really had anything on the capacity planning or the performance of the products.

No issues with scalability.

We went from 50 applications in 2015, we're now up to over 400. There seems to be no limit on how quickly it can scale and operate.

I don't think Veracode has any problems with scalability. My company is very big. There are about 1,000 of us, all developers, using the solution. It's being used throughout the company for all our products.

We haven't perceived any issue when it comes to scalability. But it's true that if you have more tenants, the response of the scanners is going to get released quicker.

I'd call us a "mid-range" agency, so it's not like we have a ton of applications that we're changing and updating. It's good for us, but I can't really answer how scalable it is because we're not really big.

No issues with scalability.

The solution is scalable.

No issues with scalability.

So far, extremely scalable.

I didn't think there would be any concerns. We didn't exercise that. We didn't, in other words, try to upload gazillion artifacts and files. We just uploaded a few just to see how they handle it. It seemed fairly robust.

There were about ten Java and database developers who were using this solution. We were all collectively reviewing it and getting feedback on it.

It has always worked for us, we haven't found any issues. There have been no problems with scanning small and large objects.

Since it is a SaaS solution, the performance is fine.

I don't think that we are even beginning to push the envelope of what the system is capable of. We haven't had any problems. I'd say we are probably on the lower end of usage, not only the number of scans but regarding the number of applications. I haven't seen any issues, but I also wouldn't expect to hit issues, given where we are.

It's very good; really very good. I would strongly recommend that. Technically I would be expecting a double concept for Veracode. I would still say this is one of the best products ever on that website. I don't have any issues with the scalability. 

It scaled fine. We didn't have any problems with it not being available or going down during our scans. We have used it 100 percent, meaning we've taken advantage of every license we bought.

It has handled all the expansion we have required from it.

None.

No issues encountered.

The one thing we hit was some licensing limitation. Again, it went back to cost, I believe. We had to go back and change our licensing model with Veracode to be able to scan all the things that we wanted to. I think there was some confusion up front with their licensing or cost. 

Like I said, that's really the only area that I've heard some gripes about, but I'm far removed. I'm not sure if it was scalability or a licensing mishap, but we did have some issues early on, with the amount of things that we wanted to scan and what their limits were for us. But ever since whatever was straightened out there, I have not had an issue of scalability.

We have encountered occasional issues with scalability.

No issues with scalability.

We have customers of every size from several hundred to several hundred thousand. The product works well, regardless of the size of the company we are working with.

In our company, other products are using it, not just our product. So it's surely being used by other developers. There is also management between the applications. Each team has its own hierarchy in the company and the organizational levels are handled well in the solution. We have an upper manager and the administrator of the app. And each product has its own dashboards and its own access rights, so I cannot see the results of other people.

It absolutely scales out. Our program is pretty small, but the eventual goal is complete application portfolio coverage. I have no expectation that we are going to have any issues with scaling.

No issues with scalability, we're good there.

No, you don’t have such concerns on Veracode. The process is really "launch and forget" (and wait for results).

We don't plan on increasing usage. We are a product company. We have three products that are built. All of them go through this solution. We are not a services company. 

We have about 80 people on the solution currently. They are all developers.

Because our application is large, it takes a long time to upload and scan.

The solution can scale well. If a company is considering expanding, it should be able to do so without issue.

We do have a limited amount of users on the solution right now.

Scalability doesn't really apply to a software composition analysis tool.

No issues with scalability, other than making sure that our people know how to use it.

We did not encounter any issues with scalability.

No issues with scalability.

There have not been any scalability issues yet.

We haven't encountered any scalability issues with Veracode so far.

No scalability issues yet.

This solution is quite scalable.

We have approximately fifty users, but we definitely have plans to add more.

We have no complaints about scalability. We have between 200 and 300 clients.

Not that I know of.

No issues with scalability.

No.