Veracode - A step to securing your application
November 18, 2016

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Veracode

My Veracode experience was efficient. I used Veracode for a legacy application that was coded in C++. It used many functions that did not meet the security standards. These functions were not the secure versions released later by Microsoft and thus created a threat to the application. Veracode scanned the code with great efficiency and provided us a report of:
1) How secure our application is, by giving an initial score.
2) Which line has an issue that could compromise the security of the application.
3) The mitigation that can be used for a particular flaw occurring at a particular line.
4) The severity of that flaw and what the priority to mitigate it should be.
5) A To-Be score to be achieved by our system so that it meets the security standards and our application becomes secure.
After scanning the code and identifying the flaws, we segregated those flaws based on priority (High, Medium, Low) and worked on the highest flaws at the earliest.

Pros

  • Extremely efficient for large amounts of code, as it scans and saves time and resources.
  • The report given about the security of the application is detailed and very easy to work on.
  • Secures the application and ensures code is safe.

Cons

  • Available online as SaaS; it could be a desktop application too.
  • I was an employee working on Veracode. As a software developer, I am not aware of the impact on business.

I believe Veracode is better than others because of its efficiency and security.

Veracode is suited to scenarios such as working on a legacy application developed over many years that can have functions that can pose a threat to security.
