No more typing reviews! Try our Samantha, our new voice AI agent.

Aqua Cloud Security Platform vs Veracode comparison

Aqua Security and Veracode are both solutions in the Container Security category. Aqua Security is ranked #25, while Veracode is ranked #10 with an average rating of 7.6. Aqua Security holds a 2.9% mindshare in Container Security, compared to Veracode’s 2.6% mindshare. Additionally, 93% of Aqua Security users are willing to recommend the solution, compared to 89% of Veracode users who would recommend it.
Aqua Cloud Security Platform
Read 16 Aqua Cloud Security Platform reviews
  • 6,112 Views
  • 4,401 Comparison Views
93% willing to recommend
Veracode
Read 207 Veracode reviews
  • 23,090 Views
  • 5,542 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 16, 2024

Veracode and Aqua Cloud Security Platform compete in application security. Veracode offers superior features, while Aqua Cloud Security Platform excels in deployment efficiency and customer support.

Features: Veracode provides comprehensive scanning capabilities, effective vulnerability management, and extensive coverage. Aqua Cloud Security Platform offers robust integration, advanced container security, and strong deployment efficiency.

Room for Improvement: Users suggest Veracode improve its reporting capabilities, reduce false positives, and enhance user assistance features. Aqua Cloud Security Platform users recommend better documentation, more streamlined user customization, and improved user assistance features.

Ease of Deployment and Customer Service: Veracode's deployment is considered straightforward but time-consuming for large-scale installations, with reliable customer service. Aqua Cloud Security Platform provides a quicker deployment process and responsive customer service, making it more user-friendly in this aspect.

Pricing and ROI: Veracode's setup cost is generally higher, but users note significant ROI due to its extensive functionality. Aqua Cloud Security Platform offers a more cost-effective setup with satisfactory ROI, especially for those focused on container security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Aqua Cloud Security Platform vs. Veracode Report (Updated: April 2026).
Buyer's Guide
Aqua Cloud Security Platform vs. Veracode
April 2026
Download the complete report
Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Aqua Cloud Security Platform
Ranking in Container Security
25th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
16
Ranking in other categories
Cloud and Data Center Security (17th), Cloud Workload Protection Platforms (CWPP) (21st), Cloud-Native Application Protection Platforms (CNAPP) (19th), Software Supply Chain Security (16th), DevSecOps (15th)
Veracode
Ranking in Container Security
10th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
207
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Software Composition Analysis (SCA) (2nd), Static Code Analysis (1st), Dynamic Application Security Testing (DAST) (1st), Application Security Posture Management (ASPM) (1st)
 

Mindshare comparison

As of May 2026, in the Container Security category, the mindshare of Aqua Cloud Security Platform is 2.9%, down from 3.4% compared to the previous year. The mindshare of Veracode is 2.6%, down from 3.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security Mindshare Distribution
ProductMindshare (%)
Veracode2.6%
Aqua Cloud Security Platform2.9%
Other94.5%
Container Security
 

Featured Reviews

Burak AKCAGUN - PeerSpot reviewer
Burak AKCAGUN
Business Development Manager at Axoft Ukraine
A robust and cost-effective solution, excelling in scalability, on-premises support, and responsive technical support, making it well-suited for enterprises navigating stringent regulatory environment
The most crucial aspect is runtime protection, specifically image scanning before preproduction and deployment. Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment. This feature ensures that customers can identify any potential issues with the image, such as misconfigurations or vulnerabilities, before integrating it into their workloads and infrastructure. In their source pipeline, companies can identify issues before deploying changes. This is crucial because customers prefer resolving any problems or misconfigurations before the deployment process. Software change security, including GSPM Cloud, is a key feature customers seek in their infrastructure.
Read full review
reviewer2703864 - PeerSpot reviewer
reviewer2703864
Head of Security Architecture at a healthcare company with 5,001-10,000 employees
Onboarding developers successfully while improving code security through IDE integration
Regarding room for improvement, we have some problems when onboarding new projects because the build process has to be done in a certain way, as Veracode analyzes the binaries and not the code by itself alone. If the process is not configured correctly, it doesn't work. That's one of the things that we are discussing with Veracode. Something positive that we've been able to do is submit formal feature requests to them, and they are working on them; they've already solved some of them. This encourages us to propose new ideas and improvements. Another improvement that we asked for this use case is to be able to configure how Veracode Fix proposes and fixes because sometimes it makes proposals using libraries that go against our architecture design made by the enterprise architecture team. For example, we want them to propose using another library, and that's something we already asked Veracode, and they are working on it. We want to specify when you see this kind of vulnerability, you can only propose these two options.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"My advice would be to go for it."
"The most valuable features are that it's easy to use and manage."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"We use Aqua Security for the container security features."
"We find the Docker and Kubernetes support for container security most valuable."
"Aqua Security helps us to check the vulnerability of image assurance and check for malware."
"We previously used Alcide; Aqua gives us more features and is more solid in terms of security, and Aqua is more of a market share leader with more of a technology advantage."
"The most valuable feature is the on-demand patching, as there are times when vulnerabilities don't have available fixes, and Aqua Security allows it to pass the vulnerability in real-time while the fix is being developed."
More Aqua Cloud Security Platform pros
"The coding standards in our development group have improved. From scanning our code we've learned the patterns and techniques to make our code more secure. An example would be SQL injection. We have mitigated all the SQL injection in our applications."
"I like Veracode's API. You can put it into a simple bash script and run your own security testing from your MacBook in less than 15 minutes."
"I can have quick results by just uploading compiled components."
"When we do have errors, Veracode is always available, their consultants, to help us either mitigate the error, or provide technical assistance on pointing exactly where the problem is and how we could probably fix it. I'm always amazed at how knowledgeable they are."
"The solution's ability to prevent vulnerable code from going into production is perfectly fine. It delivers, at least for the reports that we have been checking on Java and JavaScript. It has reported things that were helpful."
"The integration with DevOps pipelines is seamless."
"In terms of security best practices and guidance to our dev teams, Veracode has been fantastic."
"We used it for performing security checks. We have many Java applications and Android applications. Essentially it was used for checking the security validations for compliance purposes."
More Veracode pros
 

Cons

"They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options."
"In the next release, Aqua Security should add the ability to automatically send reports to customers."
"Aqua Security lacks a lot in reporting."
"The solution could improve user-friendliness."
"It's a bit hard to use the user roles. That was a bit confusing."
"Aqua is a bit expensive so you have to really justify going for it or not."
"Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online."
"Aqua Security lacks a lot in reporting. It provides all the open issues, but no actionable solution is provided."
More Aqua Cloud Security Platform cons
"The solution currently does not support Dynamic Application Security Testing which is an important facet of application security testing."
"Reporting. Some of the reporting features of Veracode do need improvement. They do not have the most robust access to data. That would be a bit more beneficial to a lot of our clients as well as our actual in-house staff. I've been talking to our program management at Veracode about that, and that is actually on their radar to have that improved, I think actually this year."
"It can have more APIs and capabilities to handle other things well. We were doing a trial for it. There were two things that I looked at: one was uploading some Java-related content and the other was uploading database SQL files and having the review done on the quarterback. The Java portion of it worked fine, and it was pretty seamless, but the database portion was not. We uploaded some files to use for vulnerabilities, and the tell-all portion of it was pretty easy. We uploaded a war file and Java files, and we got the reports back on these. They were pretty clear to understand. We did the same thing for the database portion for the most part. However, the content wasn't getting uploaded in a predictable fashion, and it was slow and hard to get done. We had to do it over and over. After it indicated that the content was uploaded, there were no results. There were zero search findings. It was possibly a user error, something that we didn't do correctly, but they had acknowledged that it was something they were currently enhancing. This is something that could be made easier if they haven't already done that. I don't know how many releases they've had in that timeframe. I haven't looked at it since then. It was a trial period."
"They could improve how they fix vulnerabilities. They could have more support in place to help the developers."
"I have contacted the technical support and customer support. With Veracode's technical support, for some issues, it has been really difficult for them to understand the problem, and they ask us to do some tests we've already told them we completed in the first ticket."
"I would like to see more technical support for some of the connectors, some more detailed diagrams or run-books on how to install some of stuff; more hand-holding in the sense of understanding our environment."
"Veracode is a little costly. It's cost-effective for a large enterprise, but it may be too expensive for small businesses."
"To be able to upload source codes without being compiled, that’s one feature that drives us to see other sources."
More Veracode cons
 

Pricing and Cost Advice

"Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle."
"The pricing of this solution could be improved."
"They were reasonable with their pricing. They were pretty down-to-earth about the way they pitched their product and the way they tried to close the deal. They were one of the rare companies that approached the whole valuation in a way that made sense for our company, for our needs, and for their own requirements as well... They will accommodate your needs if they are able to understand them and they're stated clearly."
"Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload."
"It comes at a reasonable cost."
"Veracode is one of the more expensive solutions in the market, but it is worth the expense because of the eLearning and the security consultations; everything is included in the license."
"Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background."
"Pricing seems fair for what is offered, and licensing has been no problem. All developers are able to get the access they need."
"If you're licensing, and you're looking at licensing models, you might want to ask Veracode about their microservice, depending on the company. If you are a microservice architecture, I would suggest asking them about their microservice pricing. I would suggest that you evaluate that with your code and their other licensing model, which is like a lump sum in size of artifacts, and just make sure that you price that out with them, because there might be some tradeoffs that can be made in price."
"I found Veracode very expensive, though I'm not the person paying for it. I was surprised to find out how much the subscription costs and that the executive board approved it, but it was a no-brainer because now my company has better security scans."
"I recommend going for a one-year licensing with CA, because currently they are the leaders in this field with more features and a much better turn around time with a cheaper position, but there are a lot of new companies coming up in the market and they are building up their platforms."
"The pricing is pretty high."
"The pricing is a little on the high side but since we combine our product into one suite, it is easy to do and works well for us."
More Veracode pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
See recommendations
893,221 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
22%
Government
9%
Computer Software Company
8%
Manufacturing Company
8%
Financial Services Firm
16%
Manufacturing Company
11%
Computer Software Company
11%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise1
Large Enterprise10
By reviewers
Company SizeCount
Small Business69
Midsize Enterprise45
Large Enterprise114
 

Questions from the Community

What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
See all answers
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
See all answers
What do you like most about Veracode Static Analysis?
I like its integration with GitHub. I like using it from GitHub. I can use the GitHub URL and find out the vulnerabilities.
See all answers
What is your experience regarding pricing and costs for Veracode Static Analysis?
My experience with pricing, setup cost, and licensing for Veracode is that it is fairly moderate.
See all answers
 

Comparisons

Sysdig Secure vs Aqua Cloud Security Platform Logo
Sysdig Secure vs Aqua Cloud Security Platform
Compared 10% of the time
Prisma Cloud by Palo Alto Networks vs Aqua Cloud Security Platform Logo
Prisma Cloud by Palo Alto Networks vs Aqua Cloud Security Platform
Compared 8% of the time
Wiz vs Aqua Cloud Security Platform Logo
Wiz vs Aqua Cloud Security Platform
Compared 5% of the time
TrendAI Deep Security vs Aqua Cloud Security Platform Logo
TrendAI Deep Security vs Aqua Cloud Security Platform
Compared 4% of the time
Snyk vs Aqua Cloud Security Platform Logo
Snyk vs Aqua Cloud Security Platform
Compared 4% of the time
More Aqua Cloud Security Platform Competitors
SonarQube vs Veracode Logo
SonarQube vs Veracode
Compared 7% of the time
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
Compared 6% of the time
HCL AppScan vs Veracode Logo
HCL AppScan vs Veracode
Compared 3% of the time
GitHub Advanced Security vs Veracode Logo
GitHub Advanced Security vs Veracode
Compared 3% of the time
OWASP Zap vs Veracode Logo
OWASP Zap vs Veracode
Compared 3% of the time
More Veracode Competitors
 

Product Reports

Buyer's Guide
Aqua Cloud Security Platform
May 2026
Aqua Cloud Security Platform reportDownload Aqua Cloud Security Platform product report
Buyer's Guide
Veracode
April 2026
Veracode reportDownload Veracode product report
 

Also Known As

Aqua Security Platform, CloudSploit, Argon
Crashtest Security , Veracode Detect
 

Overview

Aqua Cloud Security Platform supports container environments with strong features such as Docker and Kubernetes integration, efficient vulnerability management, and seamless runtime protection, making it a key choice for cloud and container security.

Aqua Cloud Security Platform focuses on comprehensive container and cloud security enhancements. It offers robust tools for Docker and Kubernetes, efficient vulnerability management, and on-demand patching. The platform is praised for its Runtime Protection, Drift Prevention, and robust documentation, promoting seamless integration with existing platforms. Image scanning, Digital Threat Analysis, and sandboxing services accentuate security measures while integration with Docker Hub ensures ease of use. Scalable runtime policies, image assurance, and dynamic threat analysis simplify security tasks. Challenges remain in developing web security portals and greater standard server integration. Enhancing reporting, simplifying training, and improving log forwarding are key goals. Resource consumption, clearer roles, automation, and code analysis are vital future considerations.

What are the most important features of Aqua Cloud Security Platform?
  • Docker and Kubernetes Support: Ensures container security and streamlined operations.
  • Vulnerability Management: Efficient scanning and on-demand patching.
  • Strong Runtime Protection: Implements Drift Prevention and scalable policies.
  • Seamless Integration: Works with existing platforms for optimal performance.
  • Image Assurance and Threat Analysis: Provides thorough security checks and dynamic analysis.
What benefits or ROI can users expect?
  • Simplified Container Security: Streamlines container and cloud tasks for enhanced protection.
  • Enhanced Image Assessment: Detects configurations and risks efficiently.
  • Greater Data Protection: Ensures application visibility and security in deployments.
  • Flexible Licensing Models: Offers potential for reconsideration and optimization.

Aqua Cloud Security Platform is leveraged in industries focusing on container security, vulnerability scanning, and securing Kubernetes configurations within CI/CD pipelines. It is employed for image assessments and network security, demonstrating its efficacy in cloud applications and workload protection. Efficiently identifying misconfigurations and risks in cloud environments, it provides scanning for public clouds and docker environments, emphasizing data protection and application visibility tailored to customer-specific deployments.

Aqua Security

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

  • Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
  • Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
  • Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
  • Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
  • Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

  • Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
  • Scalability - Supports organizations with large-scale application portfolios.
  • Compliance support - Ensures applications meet various security standards and regulations.
  • Developer training - Provides tools for educating developers on secure coding practices.
  • Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.


Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode
 

Sample Customers

HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Buyer's Guide
Aqua Cloud Security Platform vs. Veracode
April 2026
Free Report: Aqua Cloud Security Platform vs. Veracode
Find out what your peers are saying about Aqua Cloud Security Platform vs. Veracode and other solutions. Updated: April 2026.
DOWNLOAD NOW
893,221 professionals have used our research since 2012.
See our Aqua Cloud Security Platform vs. Veracode report.
See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.