Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Veracode: A Continuous Software Security Platform

Veracode | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

23 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Glenn J.

Veracode is a good strong source vulnerability scanner

  • November 20, 2017
  • Review provided by G2

What do you like best about the product?
I like that Veracode has a tool that allows a programmer to use Visual Studio to run the tool. I also allows the programmer to view vulnerabilities in the source code reported by Veracode within Visual Studio. This make it very well integrated with Visual Studio.
What do you dislike about the product?
Veracode can take quite a bit of time to run a source code analysis. This can be discouraging to the programmers and sometimes they do not run Veracode because of this slowness.
What problems is the product solving and how is that benefiting you?
My company is using Veracode as the first item to be run before a Application Security Review. It shows the items that are the possible problems before running a dynamic vulnerability scan.
Recommendations to others considering the product:
If you need static code security analysis, and who doesn't, this is the product for you.

    Retail

Good concept, terrible implementation

  • March 30, 2017
  • Review verified by G2

What do you like best about the product?
The idea. I'm a big evangelist of clean code and standards.
What do you dislike about the product?
Everything:
- Scans inaccurate
- Slow
- Outdated UI
- Not user friendly
- Terrible HTTP API for automation
- Bad customer support
- One of our applications, only 1 out of hundreds issues turns out to be true.
What problems is the product solving and how is that benefiting you?
No benefits. I only use Veracode because it is enforced by company policies
Recommendations to others considering the product:
If you want your developers frustrated, go ahead and impose veracode. SonarQube together with Findbugs provides more useful feedback.

    Alex G.

Great idea, mediocre execution, terrible customer support

  • February 19, 2017
  • Review verified by G2

What do you like best about the product?
The world needs something like Veracode. Cyberthreats are too complex and are changing too fast for average software developers to keep up with all the necessary expertise and techniques. Separating cybersecurity testing into a standalone, purpose-built service simply makes sense. I appreciate that Veracode is, at least in theory, attempting to be that platform.
What do you dislike about the product?
Unfortunately, Veracode hasn't actually found the formula for success yet. The interface is clunky and disjointed, the documentation is confusing, and customer support takes literally weeks or months to respond to requests. It's a classic case of an excellent idea with lackluster execution.
What problems is the product solving and how is that benefiting you?
So far, despite quite a bit of money and effort on my part as an independent developer, Veracode has not helped me make any meaningful improvements in the security of my software products. I can't say I've realized any benefits.
Recommendations to others considering the product:
Press their sales people hard for details about whether the platform actually covers your security needs. Despite claiming broad coverage, there are some large holes.

showing 21 - 23