No more typing reviews! Try our Samantha, our new voice AI agent.

Legit Security vs Veracode comparison

Legit Security and Veracode are both solutions in the Application Security Posture Management (ASPM) category. Legit Security is ranked #13, while Veracode is ranked #1 with an average rating of 7.5. Legit Security holds a 2.7% mindshare in ASPM, compared to Veracode’s 10.1% mindshare. Additionally, 100% of Legit Security users are willing to recommend the solution, compared to 89% of Veracode users who would recommend it.
Sponsored
Cortex Cloud by Palo Alto N...
Read 11 Cortex Cloud by Palo Alto Networks reviews
  • 4,552 Views
  • 455 Comparison Views
100% willing to recommend
Legit Security
Read 4 Legit Security reviews
  • 1,323 Views
  • 741 Comparison Views
100% willing to recommend
Veracode
Read 208 Veracode reviews
  • 24,557 Views
  • 4,420 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 13, 2024

Veracode and Legit Security compete in software security solutions, each having distinct advantages. Veracode leads in pricing and support, while Legit Security may have an edge with its robust features.

Features: Veracode offers a range of security testing options including static and dynamic analysis, and software composition analysis. It is recognized for its integration capabilities and extensive scanning suite. Legit Security is notable for its CI/CD security integrations and real-time risk assessment, appealing to organizations focused on continuous integration practices.

Room for Improvement: Veracode could enhance its user interface for better ease of use, reduce false positives, and improve the speed of its scans. Legit Security might benefit from refining its secret detection capabilities, addressing its false positive rate, and expanding its feature set for broader security coverage.

Ease of Deployment and Customer Service: Veracode's straightforward SaaS deployment model is complemented by dedicated support. It integrates well but follows a more traditional installation process. Legit Security also offers a SaaS model with quick deployment and personalized service, promising faster configuration and setup.

Pricing and ROI: Veracode provides competitive pricing with an ROI focus through a broad suite of security features, beneficial for larger enterprises. Legit Security’s pricing aligns with its focus on CI/CD pipelines, offering a specific ROI advantage for companies prioritizing pipeline security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Legit Security vs. Veracode Report (Updated: April 2026).
Buyer's Guide
Legit Security vs. Veracode
April 2026
Download the complete report
Helped 900,644 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Cloud by Palo Alto N...
Sponsored
Ranking in Application Security Posture Management (ASPM)
7th
Average Rating
8.6
Reviews Sentiment
5.7
Number of Reviews
11
Ranking in other categories
Vulnerability Management (29th), Cloud Workload Protection Platforms (CWPP) (13th), Cloud Security Posture Management (CSPM) (16th), Cloud-Native Application Protection Platforms (CNAPP) (11th), Data Security Posture Management (DSPM) (11th), Software Supply Chain Security (6th), Cloud Infrastructure Entitlement Management (CIEM) (7th), Cloud Detection and Response (CDR) (6th)
Legit Security
Ranking in Application Security Posture Management (ASPM)
13th
Average Rating
10.0
Reviews Sentiment
7.8
Number of Reviews
4
Ranking in other categories
Software Supply Chain Security (17th)
Veracode
Ranking in Application Security Posture Management (ASPM)
1st
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
208
Ranking in other categories
Application Security Tools (3rd), Static Application Security Testing (SAST) (3rd), Container Security (12th), Software Composition Analysis (SCA) (2nd), Static Code Analysis (1st), Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of June 2026, in the Application Security Posture Management (ASPM) category, the mindshare of Cortex Cloud by Palo Alto Networks is 2.2%, up from 0.2% compared to the previous year. The mindshare of Legit Security is 2.7%, up from 2.6% compared to the previous year. The mindshare of Veracode is 10.1%, down from 20.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Posture Management (ASPM) Mindshare Distribution
ProductMindshare (%)
Veracode10.1%
Cortex Cloud by Palo Alto Networks2.2%
Legit Security2.7%
Other85.0%
Application Security Posture Management (ASPM)
 

Featured Reviews

SJ
Sonali Jha
Technical Solutions Architect at IBM
Cloud security has improved as AI-driven runtime protection detects threats and reduces incidents
In my opinion, Cortex Cloud by Palo Alto Networks could be improved or enhanced in various ways. I don't have an idea about that yet because for that you actually need to use two or three different other tools to make a basic comparison. If you ask me how good the tool is, I would fairly rate it quite high. The tool is very popular, and customers can already see that it is one of the cloud leaders in the security space. The platform had a very good feature which provides documentation links about how to use a specific feature on the UI. It takes you to the proper documentation page where it suggests what to do and tells you about the steps that need to be done for a resource deployment. My thoughts about improving the product which I believe could greatly aid vendors is that it used to be a very user-friendly tool, but now they have incorporated everything under one umbrella. It has XDR, XSOAR, and Cortex Cloud by Palo Alto Networks. Before, we used to have separate modules and separate environments for each of these capabilities or features. Right now, it is a little complex and users would take their own time to know the tool better. This is something that would have been way better, but I would say there would be different opinions on this. Talking about user-friendliness, it has decreased now.
Read full review
Tim Crothers - PeerSpot reviewer
Tim Crothers
CISO at Mandiant / FireEye
Provides strong visibility, straightforward integration, and reduces the risk of attacks
Legit Security is a product that hyper-focuses on the various aspects of the software development pipeline. For example, if an engineer spins off a new project and stands up a new Git project, Legit automatically detects it, connects Snyk and other tools, and ensures the engineering team doesn't have to think about it. This way, we stay on top of security from the beginning. On the other hand, Legit provides a clear view of the controls around repositories. We have standards requiring code reviews and similar practices, and Legit shows us whether these are being followed. Additionally, Legit helps us identify unmaintained repositories, which often arise when engineering teams try something and leave it behind. This knowledge allows us to determine the appropriate action for these neglected projects. One area where Legit falls short is secret detection. While it functions well overall, the feature has a 10-20 percent false positive rate, requiring some manual intervention. Almost everything else works flawlessly. The true value proposition of Legit lies not in its features but in its ability to support our product security program's focus on creating guardrails instead of toll gates. Unlike traditional programs that require security reviews at specific stages, hindering development flow, we strive to partner with the product engineering team to ship secure code seamlessly within their existing workflows. Legit plays a crucial role in this by automatically notifying us of new projects, eliminating the need for manual communication. This partnership approach, enabled by Legit, allows us to work much closer with our engineering teams than ever before.
Read full review
reviewer2753535 - PeerSpot reviewer
reviewer2753535
DevSecOps Engineer at a tech services company with 1,001-5,000 employees
Integrates security into the development process and improves team collaboration
Veracode helps organizations develop software by reducing the risk of security vulnerabilities through developer enablement and applications focused on governance. You can utilize different levels of processes to achieve better performance or a more scalable service. Since I started working with it in 2022, I’ve found it to be cost-effective as well. Overall, Veracode is a user-friendly security tool. It includes features such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). During the development phase, we can identify vulnerabilities in the application. This process occurs in the staging environment during development. When we're ready to go to production, we conduct a final check. Essentially, this tool helps identify vulnerabilities during the code development stage, including both high-level vulnerabilities and those related to open-source software composition. We utilize specific methodologies for this purpose. Additionally, it offers a feature that allows us to set up policies based on client requirements. This means we can customize the tool to meet the specific needs of our clients, ensuring that they receive the appropriate level of security in their applications. Veracode is user-friendly as well. Compared to other tools, their scans take 15 minutes or under. If you have a large scale of libraries or data, it might take longer, but based on my personal experience, the scan usually runs within fifteen minutes. For my case study using the Veracode tool, I worked on an internal project following industry standards. We used Veracode to improve our security posture and speed up the time to market by streamlining the development process. This enhanced collaboration between developers, operations, and security teams. The automated scanning process helped identify and fix vulnerabilities earlier in the development process. We maintained compliance with regulatory requirements, avoided fines, and built customer trust by integrating security into the development process. When we conduct this scan, we receive data on a list of vulnerabilities. This information improved our communication and increased transparency, which leads to better reports about the efforts being put in. This results in a more effective and efficient collaboration process, making it user-friendly for all involved. When considering costs, if we resort to manual processes, it can be time-consuming. Therefore, we utilize automated scans to identify and fix security issues. This allows us to address vulnerabilities early in the development process, as we discussed previously. This applies both to our in-house code and third-party libraries, using Software Composition Analysis (SCA) agent-based scans. In the future, we will also implement SCA agent-based scans as a separate feature within Veracode, which can help organizations avoid the expensive and time-consuming consequences of security issues. Furthermore, we have seen an increase in compliance, helping to maintain adherence to regulatory requirements and industry standards, thereby avoiding fines and reputational damage associated with noncompliance. Additionally, by integrating security into the development process, we enhance customer trust in our organization and its products.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex Cloud by Palo Alto Networks has impacted our organization positively by keeping our machines secure and our team using the dashboard to find issues quickly."
"Previously with Cortex Cloud by Palo Alto Networks, I deployed this product for one of my customers, and after three to four months, they said that previously they had around four hours of MTTR, and now it has reduced to just 15 to 20 minutes."
"The capabilities of Cortex Cloud by Palo Alto Networks are valuable because it is the best product in the market."
"Overall, Cortex Cloud by Palo Alto Networks is a technically strong product, and I rate it ten out of ten."
"Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is impressive."
"I have absolutely seen improvements in our incident close rates, with mean time to detect and respond reduced significantly, sometimes by at least forty to fifty percent."
"From a technical standpoint or pricing, Cortex Cloud by Palo Alto Networks is a stronger solution in the market at the moment compared to other products from ConnectWise or Symantec."
"The most valuable features I have found in Cortex Cloud by Palo Alto Networks are those that we provided to customers in a stock environment, as we have done some POCs and tried to check how it can help different organizations, and this same solution has been positioned for multiple customers."
More Cortex Cloud by Palo Alto Networks pros
"The true value proposition of Legit lies not in its features but in its ability to support our product security program's focus on creating guardrails instead of toll gates."
"Legit has had a positive effect on our overall security posture."
"We implemented Legit Security to gain visibility into all development teams and ensure that consistent controls are in place and accounted for on every route."
"Legit has increased my security posture to a level I couldn't achieve before. I don't need to worry as much about what's happening within my developer environments. I can rest assured that my vulnerabilities are being detected."
"Source code composition analysis for vulnerabilities and license compliance is the most valuable feature."
"The most valuable feature of Veracode Static Analysis is the scanning."
"I found the solution pretty straightforward, and I'm not terribly technical."
"The static analysis gives you deep insights into problems."
"Static code scanning is the most valuable feature."
"The CSCA vulnerability scanning is useful."
"Our customers have benefited by being able to have a little bit more assurance from us, from a trusted authority, that our code is properly flaw-free and remediated."
"The static scan is the feature that we use the most, as it gives us insight into our source code. We have it integrated with our continuous integration, continuous delivery system, so we can get insight quickly."
More Veracode pros
 

Cons

"As per my experience with Cortex Cloud by Palo Alto Networks, the UI could be simpler."
"Cortex Cloud by Palo Alto Networks is creating some confusion in terms of names because this is recent."
"Overall, I rate Cortex Cloud by Palo Alto Networks as an eight out of ten. I think that it could improve on price, as I know that the Google solution has the best price, and this is one of the conditions."
"The pricing is high, making ROI challenging to justify, especially during transitions between solutions."
"The negative aspects or areas for improvement in the product include the fact that the cost might be a bit high, which challenges commercials, but not technically."
"My thoughts about improving the product which I believe could greatly aid vendors is that it used to be a very user-friendly tool, but now they have incorporated everything under one umbrella."
"In my opinion, Cortex Cloud by Palo Alto Networks can be improved by addressing forensic information collection and storage, although I cannot suggest specific things right now, based on what customers might need."
"Some aspects of the GUI can be confusing and make it difficult for me to find certain options or navigate where needed."
More Cortex Cloud by Palo Alto Networks cons
"The one we're working on right now is the ability to dynamically rerun development teams and groups."
"I would like them to have their own static code scanner, and I'd like them to have their own open-source software scanners."
"Legit Security could do a little better with detecting publicly exposed keys. It's not bad. The detections that they are running get to everything eventually, but it would be great if they could increase some of that awareness."
"One issue is that engineering teams don't always embed secrets in the same way, making it difficult for the tool to consistently identify them."
"Veracode has areas for improvement in that the scan takes some time for each Jar depending on the size."
"I would like to see more technical support for some of the connectors, some more detailed diagrams or run-books on how to install some of the stuff; more hand-holding in the sense of understanding our environment."
"Veracode needs to improve its integration with other tools."
"It's taking too much time to do a quality scan."
"There should be more APIs, especially in SCA, to get some results or automate some things."
"Veracode has plenty of data. The problem is the information on the dashboards of Veracode, as the user interface is not great. It's not immediately usable. Most of the time, the best way to use it is to just create issues and put them in JIRA... But if I were a startup, and only had products with a good user interface, I wouldn't use Veracode because the UI is very dated."
"The sandbox could use some improvement; when creating a sandbox, it requires us to put the application name in twice, which seems unnecessary."
"Number one, I need analytics, analytics, and more analytics. It is all about risk based management and better decision support, that is why."
More Veracode cons
 

Pricing and Cost Advice

Information not available
"The pricing is reasonable."
"Negotiate some, but their prices are reasonable."
"We are still considering it at the enterprise level. It has a subscription-based model. We find its price a little high based on the features it provides."
"Veracode's price is reasonable."
"Veracode is one of the more expensive solutions in the market, but it is worth the expense because of the eLearning and the security consultations; everything is included in the license."
"Regarding licensing, pay very close attention to what applications you're going to need to do dynamic scanning for, versus static. Right now, the way the licensing is set up, if you don't have any static elements for a website, you can certainly avoid some costs by doing more dynamic licenses. You need to pay very close attention to that, because if you find out later that you have static code elements - like Java scripts, etc. - that you want to have scanned statically, having the two licenses bundled together will actually save you money."
"Veracode is affordable for large organizations, but its pricing may be out of reach for small and medium companies."
"I recommend going for a one-year licensing with CA, because currently they are the leaders in this field with more features and a much better turn around time with a cheaper position, but there are a lot of new companies coming up in the market and they are building up their platforms."
"I think licensing needs to be changed or updated so that it works with adjustments. Pricing is expensive compared to the amount of scanning we perform."
More Veracode pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Posture Management (ASPM) solutions are best for your needs.
See recommendations
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Construction Company
11%
Financial Services Firm
8%
Outsourcing Company
7%
Financial Services Firm
13%
University
12%
Manufacturing Company
7%
Retailer
7%
Financial Services Firm
16%
Manufacturing Company
11%
Computer Software Company
9%
Construction Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise1
Large Enterprise4
No data available
By reviewers
Company SizeCount
Small Business69
Midsize Enterprise46
Large Enterprise114
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex Cloud by Palo Alto Networks?
I am not fully aware of the pricing and licensing of Cortex Cloud by Palo Alto Networks. The pricing is also based on...
See all answers
What needs improvement with Cortex Cloud by Palo Alto Networks?
In my opinion, Cortex Cloud by Palo Alto Networks could be improved or enhanced in various ways. I don't have an idea...
See all answers
What is your primary use case for Cortex Cloud by Palo Alto Networks?
The usual use cases for Cortex Cloud by Palo Alto Networks that I have been working with mostly are as simple as dete...
See all answers
Ask a question
Earn 20 points
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. Son...
See all answers
What is the biggest difference between Veracode and Checkmarx?
According to my experience of using both the tools in different organizations Veracode is a Cloud-native, managed Ap...
See all answers
What is your experience regarding pricing and costs for Veracode Static Analysis?
My experience with pricing, setup cost, and licensing for Veracode is that it is fairly moderate.
See all answers
 

Comparisons

Wiz vs Cortex Cloud by Palo Alto Networks Logo
Wiz vs Cortex Cloud by Palo Alto Networks
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs Cortex Cloud by Palo Alto Networks Logo
Prisma Cloud by Palo Alto Networks vs Cortex Cloud by Palo Alto Networks
Compared 11% of the time
SentinelOne Singularity Cloud Security vs Cortex Cloud by Palo Alto Networks Logo
SentinelOne Singularity Cloud Security vs Cortex Cloud by Palo Alto Networks
Compared 8% of the time
WithSecure Elements Exposure Management (XM) vs Cortex Cloud by Palo Alto Networks Logo
WithSecure Elements Exposure Management (XM) vs Cortex Cloud by Palo Alto Networks
Compared 7% of the time
Microsoft Defender for Cloud vs Cortex Cloud by Palo Alto Networks Logo
Microsoft Defender for Cloud vs Cortex Cloud by Palo Alto Networks
Compared 5% of the time
More Cortex Cloud by Palo Alto Networks Competitors
Docker vs Legit Security Logo
Docker vs Legit Security
Compared 21% of the time
Ox Security vs Legit Security Logo
Ox Security vs Legit Security
Compared 14% of the time
Ivanti Neurons for ASPM vs Legit Security Logo
Ivanti Neurons for ASPM vs Legit Security
Compared 9% of the time
Heeler vs Legit Security Logo
Heeler vs Legit Security
Compared 8% of the time
Sonatype Lifecycle vs Legit Security Logo
Sonatype Lifecycle vs Legit Security
Compared 2% of the time
More Legit Security Competitors
SonarQube vs Veracode Logo
SonarQube vs Veracode
Compared 6% of the time
Checkmarx One vs Veracode Logo
Checkmarx One vs Veracode
Compared 5% of the time
HCL AppScan vs Veracode Logo
HCL AppScan vs Veracode
Compared 3% of the time
Coverity Static vs Veracode Logo
Coverity Static vs Veracode
Compared 3% of the time
Invicti vs Veracode Logo
Invicti vs Veracode
Compared 3% of the time
More Veracode Competitors
 

Product Reports

Buyer's Guide
Cortex Cloud by Palo Alto Networks
June 2026
Cortex Cloud by Palo Alto Networks reportDownload Cortex Cloud by Palo Alto Networks product report
Buyer's Guide
Legit Security
June 2026
Legit Security reportDownload Legit Security product report
Buyer's Guide
Veracode
May 2026
Veracode reportDownload Veracode product report
 

Also Known As

No data available
No data available
Crashtest Security , Veracode Detect
 

Overview

Cortex Cloud by Palo Alto Networks enhances cloud security with features like AI/ML threat detection and automated remediation, ensuring real-time protection and efficient management across cloud environments.

Cortex Cloud by Palo Alto Networks offers comprehensive cloud security posture management and runtime protection. It reduces manual tasks and accelerates incident investigation through advanced threat detection and AI-driven anomaly detection. With integration to the MITRE ATT&CK framework, it boosts threat response while reducing incident resolution time. Although users find the UI complex and pricing high, its capabilities in securing AWS, Azure, and other environments, as well as its potential integration with CyberArk, emphasize its enterprise-ready design for cloud transformation across diverse industry sectors.

What are the key features of Cortex Cloud by Palo Alto Networks?
  • Runtime Protection: Ensures real-time security for workloads.
  • AI/ML-powered Threat Detection: Identifies threats using AI/ML technology.
  • Automated Remediation: Streamlines threat response through automation.
  • Comprehensive Detection Coverage: Offers extensive detection capabilities with unified data.
  • Integration with MITRE ATT&CK: Enhances threat response efficiency.
What benefits or ROI should users consider?
  • Enhanced Security Visibility: Provides dashboards for better security insights.
  • Reduced Manual Tasks: Automates processes for efficiency gains.
  • Improved Threat Response: Accelerates incident resolution with AI-driven anomaly detection.
  • Seamless Cloud Integration: Supports APIs and multi-cloud environments.

Cortex Cloud by Palo Alto Networks is deployed across industries like telecom, BFSI, and manufacturing for robust cloud security. It's leveraged for detecting misconfigurations and vulnerabilities, aiding cloud transformation and compliance with standards such as GDPR and NIST. The integration across cloud infrastructures, including AWS and Azure, supports policy creation and threat management strategies for diverse enterprises.

Palo Alto Networks

Legit Security offers comprehensive solutions for managing software security risks, ensuring efficient code integration, risk reduction, and policy adherence through centralized controls and robust integration with existing tools.

Legit Security provides organizations with a powerful platform for enhancing software security. It offers a unified control panel that highlights high-risk findings and enhances security posture with risk scoring. By facilitating seamless integration with existing tools, it promotes a security shift-left approach. Centralized management helps enforce policy adherence while secret management capabilities add another layer of security. Despite some false positives in secret detection, Legit collaborates with engineering teams to ensure secure code integration.

What are the key features of Legit Security?
  • Noise Reduction: Minimizes noise from scanning tools for increased efficiency.
  • Risk Scoring: Highlights high-risk findings to prioritize security efforts.
  • Unified Control Panel: Centralizes oversight for improved policy enforcement.
  • Seamless Integration: Works with existing tools to reduce security risks.
  • Secret Management: Ensures secure handling of sensitive information.
What benefits should be considered when evaluating Legit Security?
  • Comprehensive Visibility: Offers end-to-end insights into the software development lifecycle.
  • Security Shift-left: Facilitates early security integration for proactive risk management.
  • Partnership with Engineering Teams: Promotes collaborative secure code implementation.
  • Responsive Enhancement Requests: Reflects adaptability to user feedback for continuous improvement.

In industries dealing with sensitive data and complex code deliveries, Legit Security is implemented to manage the entire software development lifecycle. Organizations utilize it for compliance, integrating it with other scanning tools to bolster code supply chain security and application security management. In the wake of incidents like the SolarWinds breach, the importance of securing the software delivery pipeline has been underscored, positioning Legit Security as a crucial component in protecting against similar threats.

Legit Security

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

  • Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
  • Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
  • Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
  • Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
  • Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

  • Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
  • Scalability - Supports organizations with large-scale application portfolios.
  • Compliance support - Ensures applications meet various security standards and regulations.
  • Developer training - Provides tools for educating developers on secure coding practices.
  • Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.


Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode
 

Sample Customers

Information Not Available
Google, NYSE, Kraft-Hienz, Takeda Pharmaceuticals, and many other large enterprise and Fortune 500 customers. Learn more by going to: https://www.legitsecurity.com/...
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Buyer's Guide
Legit Security vs. Veracode
April 2026
Free Report: Legit Security vs. Veracode
Find out what your peers are saying about Legit Security vs. Veracode and other solutions. Updated: April 2026.
DOWNLOAD NOW
900,644 professionals have used our research since 2012.
See our Legit Security vs. Veracode report.
See our list of best Application Security Posture Management (ASPM) vendors.

We monitor all Application Security Posture Management (ASPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.