A normal review of Veracode
March 27, 2023
Score 8 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
- Software Composition Analysis (SCA)
Overall Satisfaction with Veracode
We use the Veracode software platform to look for vulnerabilities in our code as well as in the third-party libraries we were using. We are in the medical software industry, so the data we deal with is very sensitive in nature, and we take security and privacy very seriously.
Pros
- Very good customer support
- Visual Studio add-ons
- Quick responses to questions
Cons
- Microsoft ADO pipeline support for other scan features
- Reports that can be generated outside of the website
- Summary of multiple reports at the user level and not administrative level
- We saved time in identifying security issues.
- The tool was easy to use, allowing us to run the product as needed.
- The thorough scans allowed us to have higher confidence in release of the product.
We use Veracode during the Validation and Verification process of the product. We included the static scanning in our build pipelines so that every time a project is built, the scan is run, allowing us to see issues right away.
It allowed us to resolve certain gaps that we were not aware of and allowed us to address those issues before release to production.
We used Acunetix as well, mainly for website security testing. We used Veracode for code and third-party analysis.
Do you think Veracode delivers good value for the price?
Not sure
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
Yes
Would you buy Veracode again?
Yes