Veracode Continuous Software Security Platform GovCloud

Sold by

An American built, American owned and FedRAMP authorized vendor, Veracode is a 9x leader in Gartner Magic Quadrant for Application Security Testing. The Veracode Continuous Software Security Platform is a comprehensive software security solution that is pervasive not invasive throughout the SDLC. The Veracode platform enables security teams to define & manage policy, gain view of security posture of your application portfolio, leverage rich analytics and reporting to make informed plans, produce evidence to meet regulatory requirements, and deliver a successful DevSecOps program. Your development teams enjoy tools that are seamlessly embedded into their SDLC to continuously scan & prioritize potential issues, provide guidance on how to fix, and offer in-context education to avoid future issues. This always-on orchestration of secure development provides confidence that your software is secure while empowering developers with frictionless support & guidance needed to code securely.

Leave a review

Ratings and reviews

3.8

25 ratings

2 star

48%

28%

12%

0 AWS reviews

25 external reviews

External reviews are from G2 .

Filters

Review type

AWS Marketplace reviews

External reviews

Reviews (25)

Bhanu Prakash M.

Streamlined Security, Effortless Integration

Reviewed on Oct 02, 2025

Review provided by G2

What do you like best about the product?

I find the Veracode Application Security Platform incredibly useful for identifying social injections and providing static code analysis, which helps in addressing all security vulnerabilities effectively. The ease of integrating with GitHub and cloud-based repositories streamlines our development process. The platform's PR static analysis feature is invaluable for maintaining best code practices, especially in preventing SQL injections and cross-site scripting attacks. I also appreciate the comprehensive code analysis capabilities that ensure our applications maintain high security standards.

What do you dislike about the product?

i don't any issues with this security

What problems is the product solving and how is that benefiting you?

I use Veracode to detect security vulnerabilities like SQL injections and cross-site scripting, ensuring robust code practices. It integrates easily with GitHub, providing detailed security analyses that guide us in fixing vulnerabilities effectively.

Information Technology and Services

Complete Code review platform

Reviewed on Dec 13, 2024

Review provided by G2

What do you like best about the product?

We perform SAST and DAST code review on internal developed software in order to grant secure platform and accountability to our customers.
We use 2 licecense since 2018
The support teams is really propositive and contact you before renewal, a specific session is performed in order to understand if the needs changed during years

What do you dislike about the product?

During the years the costs increased faster and each application request a dedicated licence

What problems is the product solving and how is that benefiting you?

Security of applications in order to granting Accountability and compliance,

Consumer Goods

Good product and vision

Reviewed on Jul 16, 2024

Review provided by G2

What do you like best about the product?

Serves great as a single entry point for all our applications portfolio, allowing to have both a general overview and to go in details on the security findings.

What do you dislike about the product?

Account executive way too pushy and creates unneeded pressure.
The company delivers way more features to the US market than EU, and the features are never delivered as promised.
There are mismatches between what is described in the docs and what is actually delivered.
Overly complex license model.
The investment on the customer success package is hard to justify and its services are not measurable.

What problems is the product solving and how is that benefiting you?

Veracode allows us to ensure that our digital products are secure and compliant with security standards, without sacrificing productivity.

Sunil B.

Best security tool to have in the organization

Reviewed on Aug 23, 2023

Review provided by G2

What do you like best about the product?

security scanning which can conduct on our sdk'd , ipa's , jar files is something whoich one should appreciate . Because it gives back the exact report with correction required and suggestions .

What do you dislike about the product?

Fro scanning as we upload sdk'd , ipa's ,jar files . When upload is not successfull ,user is not intimated immediately. This causes little confusion for a new comer.

What problems is the product solving and how is that benefiting you?

Instead of relying on free tools , we have adopted Verqacode for static and dynamic scans and we were able to get good results . Which helped us in identifying things in the right time.

Neha B.

Code Scanning over Veracode

Reviewed on Mar 31, 2023

Review provided by G2

What do you like best about the product?

It's a tool to make a static code scan and detect the exposed secrets or passwords before the application is released. We can create multiple sandboxes and run various parts of the code individually. Veracode can be easily integrated with CI/CD pipelines, making it easy to trigger the scan.

What do you dislike about the product?

Any meditation of false positive flaws is not straightforward or internal to the team. There is always dependency on the Veracode admin team to mitigate the flows, interrupting the overall workflow.

What problems is the product solving and how is that benefiting you?

We use Veracode for static code scanning to identify the vulnerabilities.
It helps us identify the same and fix the code as per the action plan.
We even conduct secure code review end to end for better code processing.

Information Technology and Services

Best tool to analyse or found security threats in code

Reviewed on Aug 03, 2022

Review provided by G2

What do you like best about the product?

Help to analyse or found security threats in code.
Performing Security testing get easy

What do you dislike about the product?

Bit complex to implement and understand the threats.
Description is to less for many errors.
Scaning take more time to complete the result or report

What problems is the product solving and how is that benefiting you?

Security testing to easy by implementing veracode.
It helps to do Vulnerability scanning.
Source code review can also do

Computer Software

Security Platform

Reviewed on Aug 15, 2021

Review provided by G2

What do you like best about the product?

The ease of finding the CVE and possible libraries that needs to be upgrade for security compliance

What do you dislike about the product?

Ease of console usage is a little challenging

What problems is the product solving and how is that benefiting you?

Dynamic Analysis, Penetration testings and Software composition analysis

Supriya T.

Veracode Application Security Platform - Best Security Platform

Reviewed on Dec 02, 2020

Review provided by G2

What do you like best about the product?

We can conduct security testing (both static and dynamic) on any given application . For penetration testing this is the best tool.

- In web application scanning we can conduct
a) Website discovery
b) Dynamic DS
c) Dynamic MP
d) Dynamic Analysis
- Manual Penetration testing
- Code scanning
a) Static analysis
b) Source clear software composite analysis

And top of all its scan reporting features

What do you dislike about the product?

Scanning progress is highly dependent on speed of internet as a result it creates confusion on the completion

What problems is the product solving and how is that benefiting you?

We used other tools for scanning our application . But the scan reports were generated in specific formats. This problem got solved with Veracode because , different clients associated with us prefer different kinds of reports for automation purpose.

Veracode is helping us in getting scan reports in desired formats

Telecommunications

was good overall but back end support was not as effective as expected

Reviewed on Jun 24, 2020

Review provided by G2

What do you like best about the product?

individual code scanning which helps to scan individual code. which is written by each individual and can be scan at the same time

What do you dislike about the product?

backend support isnt good . there should be a proepr backend support that is needed from the veracode support team

What problems is the product solving and how is that benefiting you?

scanning individual code which helps to secure the code in the initial level which decrease the cost of the scanning and security risk

Hospital & Health Care

A must-have tool for your security arsenal.

Reviewed on Oct 18, 2019

Review provided by G2

What do you like best about the product?

Over the years, Veracode has made the tools much faster and more thorough. Their Support group is very good, too. It's great to be able to schedule a consultation, and most of their consultants have been fantastic.

What do you dislike about the product?

On the static scan, sometimes a flaw is detected during one scan, not detected during the next, and subsequently detected on a third. The inconsistency makes it hard to track. Also, they do not make it easy to mitigate flaws other than those for a static scan.

What problems is the product solving and how is that benefiting you?

The platform helps identify any security flaws you have in your code. Also keeps developers on their toes with regard to making sure they don't introduce any *new* flaws.

Recommendations to others considering the product:

I've been very pleased with the Veracode Application Security Platform. It's very easy to use, it's quick, and their support if very good. I highly recommend checking it out.