Veracode Security far ahead of competitors
October 12, 2023
Veracode Security far ahead of competitors
Score 8 out of 10
Vetted Review
Verified User
Modules Used
- Static Analysis (SAST)
- Software Composition Analysis (SCA)
- Dynamic Analysis (DAST)
Overall Satisfaction with Veracode
Primarily for scanning web applications, while others might use it to secure mobile apps, APIs, or even IoT devices. The ultimate goal is to reduce the risk of security breaches and ensure that software applications are developed and maintained. IDE integration and security testing are the best feature to identify and address security vulnerabilities in my software applications.
Pros
- IDE Integration
- SCA
- SAST
Cons
- Plug-in pipeline
- CI/CD
- Pull requests
- Compliance standard
- Faster detect
- Reduction of risk
I use Veracode in all part for software development lifecycles for ensuring software being built is secure and meets compliance requirements. The part that now a important also for CI/CD is security testing on pull requests, but that require the right balance between time consumption and details in the results.
We established several process for managing the security flaws arise from Veracode security testing. Every type from SAST, DAST and SCA has a different queue to process and implement the solution as fast as possible and with a dedicated team that can also specialized on the field.
Do you think Veracode delivers good value for the price?
Yes
Are you happy with Veracode's feature set?
Yes
Did Veracode live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Veracode go as expected?
Yes
Would you buy Veracode again?
Yes
Comments
Please log in to join the conversation