Technical Architect at a tech vendor with 201-500 employees
User
2020-02-05T04:43:10Z
Feb 5, 2020
I would recommend Veracode. Our uses cases included removing vulnerable code from our Product and ensuring the product is secure. Veracode helps us in regularly scanning our code base and reporting our vulnerabilities which we can fix before exploited. The static scan and SCA reports are the important once. Besides, the Veracode Verified program helps us showcase our security posture to our customers to win their trust
Head of Software Delivery at a tech services company with 51-200 employees
Real User
2020-07-09T07:34:34Z
Jul 9, 2020
I would recommend them. They have the ability to cover multiple languages and come with all the features you would expect from a paid solution. But do note, it is a paid solution.
The Veracode guys are good though and will happily walk you through the solutions they offer to make sure the proposal is one that actually fits your problem, rather than try to sell it to you when it doesn't make sense etc.
Senior Project Manager at a computer software company with 1,001-5,000 employees
Real User
2020-07-08T05:53:51Z
Jul 8, 2020
It depends on whether Veracode is recommended or not completely based on the technology they are using. for JAVA applications yes recommended. but for python maybe not much usefull.
Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.
Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references....
I would recommend Veracode. Our uses cases included removing vulnerable code from our Product and ensuring the product is secure. Veracode helps us in regularly scanning our code base and reporting our vulnerabilities which we can fix before exploited. The static scan and SCA reports are the important once. Besides, the Veracode Verified program helps us showcase our security posture to our customers to win their trust
I would recommend them. They have the ability to cover multiple languages and come with all the features you would expect from a paid solution. But do note, it is a paid solution.
The Veracode guys are good though and will happily walk you through the solutions they offer to make sure the proposal is one that actually fits your problem, rather than try to sell it to you when it doesn't make sense etc.
It depends on whether Veracode is recommended or not completely based on the technology they are using. for JAVA applications yes recommended. but for python maybe not much usefull.