Loading product reviews...
4.4 out of 5.0 (5 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on Veracode but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 4 out of 5.0, Reviewed

    Product(s): Static Analysis

    Great Support but better SQL injection capability needed.

    Overall Comment

    Disappointed with limited ability to ID SQL injection flaws.

    What one piece of advice would you give other prospective customers?

    Beware of SQL injection flaw issue.

    What do you like most about the product or service?

    Excellent support.

    What do you dislike most about the product?

    SQL injection flaw issue.

    What one thing do you wish the vendor did differently?

    Better SQL injection detection.

    If you could start over, what would your organization do differently?

    nothing.

    Product capabilities - overall comment

    Need better SQL injection flaws.


  • 5 out of 5.0, Reviewed

    Product(s): Software Composition Analysis,Static Analysis

    Overall a great tool for inspecting application's security.

    Overall Comment

    Veracode provides us with a quick, accurate, and details on security issues found in new application development.

    What do you like most about the product or service?

    Automated process to access the developers votes.

    If you could start over, what would your organization do differently?

    No.


  • 4 out of 5.0, Reviewed

    Product(s): Dynamic Analysis,Static Analysis

    Application Security: make SAST a developer’s tool (not the security team's)

    Overall Comment

    I have used the tools from all the major application security vendors, using any of the tools is great improvement in VS manual or limited testing. Veracode is really strong in SAST, customer service and has improved its ability to integrate within the development environment. This space is changing rapidly and improving constantly. I would say the number #1 differentiator of any of the SAST tools is how closely they integrate with your development environment. Unlike most traditional security tools, SAST tools really need to integrate closely with the development community, not the security community.

    What one piece of advice would you give other prospective customers?

    Partner with development.

    If you could start over, what would your organization do differently?

    Nothing.

    Integration & Deployment - Overall comment

    We need to finalize the tools integration with the development environment.


  • 5 out of 5.0, Reviewed

    Product(s): Dynamic Analysis,Static Analysis

    Great results, keeps our site secure with confidence.

    Overall Comment

    Willingness to work with us on all issues especially in the beginning, and the ease of use.

    What one piece of advice would you give other prospective customers?

    Do your research and get Veracode to do a trial PoC. We were unsure until we used the product.

    What do you like most about the product or service?

    Ease of use to scan when we do changes and the ability to do a review with Veracode when we are getting unexpected results.

    What do you dislike most about the product?

    Did not support the latest version of ColdFusion.

    What one thing do you wish the vendor did differently?

    We primarily use this to scan ColdFusion code and it took Veracode a while to update their product to handle the latest version of CF.

    If you could start over, what would your organization do differently?

    No, this was a great experience and the folks at Veracode were extremely helpful.

    Integration & Deployment - Overall comment

    Took a little time to get to the process, but now that we use it all the time using this has been seamless.

    1 of 1 peer(s) found this review helpful.


  • 4 out of 5.0, Reviewed

    Product(s): Static Analysis

    Implementation was quite easy.

    Overall Comment

    Quite satisfied.

    Product capabilities - overall comment

    N/A

    Service & support - overall comment

    Very satisfied.

    Integration & Deployment - Overall comment

    Seemless integration.


Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(3)
4.7

Ability to understand your organization's needs

(4)
4.8

Timely and complete response to product questions

(4)
4.8

Pricing and contract flexibility (pricing and terms)

(3)
4.7
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(5)
4.6

How long did your deployment take?

0 - 3 months (<3)

6 - 9 months (<9)

9 - 12 months (<12)


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(2)
4.5

Ease of integration using standard APIs and tools

(3)
4.3

Quality and availability of end-user training

(3)
4.7

Ease of deployment

(4)
4.3
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(4)
4.5

Did you purchase a support package from vendor?

Yes


Timeliness of vendor's response

(4)
5.0

Quality of technical support

(4)
4.8

Quality of peer user community

(3)
4.3
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(4)
4.3

Dynamic AST as a Tool

(4)
4.0

Dynamic AST as a Service

(3)
4.3

Static AST as a Tool

(4)
4.5

Static AST as a Service

(3)
4.7

Interactive AST

(2)
4.5

Mobile AST

(1)
3.0

Enterprise-Class AST

(3)
4.7

Stand-Alone AST

(2)
4.0
Section
1

Additional Context

What was the nature of your involvement?

Application Lead

Development/Integration

Vendor/Product Selection

Executive Sponsor

Rollout and Install

Technical Assessment

User Training

Vendor Management


What other vendors were considered? Multiple responses allowed.

Checkmarx

IBM

WhiteHat Security

Cigital

Contrast Security

Hewlett Packard Enterprise

Qualys

Trustwave


Why did you purchase this product?

Improve compliance & risk management

Enhance decision making

Improve business process outcomes

Improve business process agility


What were the key factors that drove your decision?

Breadth of services

Product functionality and performance

Overall cost

Strong customer focus

Strong services expertise

Functional breadth

Pre-existing relationships

Strong consulting partnership

Strong user community


In which region(s) did your deployment take place? Multiple responses allowed.

North America