Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Veracode: A Continuous Software Security Platform

Veracode

Reviews from AWS customer

12 AWS reviews

External reviews

87 reviews
from and

External reviews are not included in the AWS star rating for the product.

    Biotechnology

Veracode App

  • February 05, 2019
  • Review provided by G2

What do you like best about the product?
It provides a fair amount of security but has some quirks.
What do you dislike about the product?
Not as user friendly as I would like it to be
What problems is the product solving and how is that benefiting you?
My experience is using Peer reviews.

    Logistics and Supply Chain

The leader in application vulnerability scanning

  • February 05, 2019
  • Review provided by G2

What do you like best about the product?
Single solution for both static and dynamic scans.
What do you dislike about the product?
There's a little bit of a learning curve.
What problems is the product solving and how is that benefiting you?
Developing secure software.

    Insurance

Comprehensive code Security Reporting

  • January 31, 2019
  • Review provided by G2

What do you like best about the product?
It is easy to integrate with code build tools and produces comprehensive reports about the code quality and security vulnerabilities.
What do you dislike about the product?
Nothing much to consider but it needs little bit of tweaks in order to tailor to your needs and to suit multiple technologies.
What problems is the product solving and how is that benefiting you?
It serves multiple purposes like static code analysis and security vulnerabilities at one shot and produces good reports.

    Information Technology and Services

Great tool to find security flaws

  • January 29, 2019
  • Review provided by G2

What do you like best about the product?
Veracode is good static analysis tool to find security flaws. I use this tool to scan my java microservices jar files. it's easy to configure. It does not require source code and accepts binary files and scans them.
We can either manually scan files or integrate with jenkin so jars are auto scanned on every build.
What do you dislike about the product?
can takes some time . It could be better if scanning time is improved.
What problems is the product solving and how is that benefiting you?
We use veracode to identify flaws and malicious code in applications before they are bought or deployed. It helps to build more secure application.

    Human Resources

Lots of work for little gain

  • June 26, 2018
  • Review provided by G2

What do you like best about the product?
Was required by some of our customers, allowed us to scan code and develop higher confidence in security robustness
What do you dislike about the product?
Huge number of false positives that needed to be explained away, did not deal well with 3rd party libraries
What problems is the product solving and how is that benefiting you?
Static code analysis for security
Recommendations to others considering the product:
try it once, and you will run away

    Computer Software

Great, In Depth Scanned with Limited Experience Support

  • December 28, 2017
  • Review provided by G2

What do you like best about the product?
Veracode combines human and automated scanning to offer a really robust report. Reports are actionable, remediation is automated, and executive summaries are available on demand.
What do you dislike about the product?
Veracode today is robust for static scans, but limited to specific mobile builds and Firefox for dynamic scans. This makes analyzing Saas apps that do not support Firefox particularly challenging.
What problems is the product solving and how is that benefiting you?
Application security, vulnerability assessment.
Recommendations to others considering the product:
If your app supports Firefox, this is the best tool on the market!

    Glenn J.

Veracode is a good strong source vulnerability scanner

  • November 20, 2017
  • Review provided by G2

What do you like best about the product?
I like that Veracode has a tool that allows a programmer to use Visual Studio to run the tool. I also allows the programmer to view vulnerabilities in the source code reported by Veracode within Visual Studio. This make it very well integrated with Visual Studio.
What do you dislike about the product?
Veracode can take quite a bit of time to run a source code analysis. This can be discouraging to the programmers and sometimes they do not run Veracode because of this slowness.
What problems is the product solving and how is that benefiting you?
My company is using Veracode as the first item to be run before a Application Security Review. It shows the items that are the possible problems before running a dynamic vulnerability scan.
Recommendations to others considering the product:
If you need static code security analysis, and who doesn't, this is the product for you.

    Retail

Good concept, terrible implementation

  • March 30, 2017
  • Review provided by G2

What do you like best about the product?
The idea. I'm a big evangelist of clean code and standards.
What do you dislike about the product?
Everything:
- Scans inaccurate
- Slow
- Outdated UI
- Not user friendly
- Terrible HTTP API for automation
- Bad customer support
- One of our applications, only 1 out of hundreds issues turns out to be true.
What problems is the product solving and how is that benefiting you?
No benefits. I only use Veracode because it is enforced by company policies
Recommendations to others considering the product:
If you want your developers frustrated, go ahead and impose veracode. SonarQube together with Findbugs provides more useful feedback.

    Alex G.

Great idea, mediocre execution, terrible customer support

  • February 19, 2017
  • Review provided by G2

What do you like best about the product?
The world needs something like Veracode. Cyberthreats are too complex and are changing too fast for average software developers to keep up with all the necessary expertise and techniques. Separating cybersecurity testing into a standalone, purpose-built service simply makes sense. I appreciate that Veracode is, at least in theory, attempting to be that platform.
What do you dislike about the product?
Unfortunately, Veracode hasn't actually found the formula for success yet. The interface is clunky and disjointed, the documentation is confusing, and customer support takes literally weeks or months to respond to requests. It's a classic case of an excellent idea with lackluster execution.
What problems is the product solving and how is that benefiting you?
So far, despite quite a bit of money and effort on my part as an independent developer, Veracode has not helped me make any meaningful improvements in the security of my software products. I can't say I've realized any benefits.
Recommendations to others considering the product:
Press their sales people hard for details about whether the platform actually covers your security needs. Despite claiming broad coverage, there are some large holes.

showing 91 - 99