Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.
Product | Market Share (%) |
---|---|
Veracode | 8.8% |
SonarQube Server (formerly SonarQube) | 22.4% |
Checkmarx One | 10.3% |
Other | 58.5% |
Type | Title | Date | |
---|---|---|---|
Category | Application Security Tools | Aug 28, 2025 | Download |
Product | Reviews, tips, and advice from real users | Aug 28, 2025 | Download |
Comparison | Veracode vs SonarQube Server (formerly SonarQube) | Aug 28, 2025 | Download |
Comparison | Veracode vs Checkmarx One | Aug 28, 2025 | Download |
Comparison | Veracode vs GitHub Advanced Security | Aug 28, 2025 | Download |
Title | Rating | Mindshare | Recommending | |
---|---|---|---|---|
SonarQube Server (formerly SonarQube) | 4.0 | 22.4% | 81% | 116 interviewsAdd to research |
Wiz | 4.5 | N/A | 95% | 22 interviewsAdd to research |
Company Size | Count |
---|---|
Small Business | 56 |
Midsize Enterprise | 34 |
Large Enterprise | 93 |
Company Size | Count |
---|---|
Small Business | 843 |
Midsize Enterprise | 679 |
Large Enterprise | 2437 |
Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.
What are the key features of Veracode?
What benefits should users consider in Veracode reviews?
Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.
Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.
Veracode was previously known as Crashtest Security , Veracode Detect.
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Author info | Rating | Review Summary |
---|---|---|
Head of Security Architecture at a healthcare company with 5,001-10,000 employees | 4.0 | Veracode enhances our code development by integrating SSA and SAST, significantly improving security with features like Veracode Fix. While onboarding requires specific configurations, the platform proves cost-effective, offering a balance of detection accuracy and minimal false positives. |
Principal Architect at a consultancy with 11-50 employees | 4.0 | I assist clients in various industries with Veracode’s SCA, SAST, and DAST, which efficiently identify vulnerabilities early in development. Improvements needed include enhanced communication with the engineering team and container scanning features. Veracode excels in SCA compared to Mend and Polaris. |
Works | 4.0 | I use Veracode for vulnerability scanning in our development process. It efficiently detects vulnerable APIs and libraries, enhancing security. Although integration with code repositories could improve, its static analysis and early detection capabilities positively impact our DevSecOps processes. |
Lead Information Security Analyst at a financial services firm with 10,001+ employees | 3.5 | I primarily use Veracode for third-party library scans and regularly review its findings to improve security posture, though its reporting and scanning process could be more efficient compared to Fortify. Overall, it is a helpful tool. |
Lead Automation Quality Engineer in Leading UK Bank at a consultancy with 10,001+ employees | 4.0 | We initially used Veracode for SAST in our transformation projects, appreciating its role in our shift-left security strategy. While its scanning times and costs need improvement, it significantly reduced security flaws and saved us 60%-70% of resources. |
IT App Security Senior Analyst at a transportation company with 10,001+ employees | 4.0 | Veracode offers a comprehensive enterprise solution providing an excellent developer experience, regulator exposure, and DevOps pipeline integration, improving remediation times. While IDE integrations are standard, adding custom cleansers would enhance its capabilities. Other options, like Checkmarx, were considered before choosing Veracode. |
Manager at a government with 10,001+ employees | 2.0 | I've used Veracode mainly as a user but found it too complex, hard to configure, and not user-friendly, with limited integration and automation, poor support, and unclear results that make adoption and training across teams difficult. |
Senior Solutions Architect at IDS Comercial | 4.0 | I use Veracode in the banking sector to enhance security through flexible rule definition and real-time updates. Its ability to identify network vulnerabilities reduces costs and risks. While effective, the customization of its interface could be improved. |