Vendor Profile
Veracode
Veracode is an established application security testing platform that offers SAST, SCA, DAST, and penetration testing through a cloud-based service. Founded in 2006, Veracode pioneered the binary-level SAST approach that analyzes compiled code without requiring access to source code, making it suitable for testing third-party and legacy applications. Veracode provides a centralized platform for managing application security risk across large portfolios, with strong reporting for security program management and compliance.
Last updated
Key Features
Pros & Cons
Pros
- +Binary-level SAST enables testing without source code access
- +Comprehensive platform covering SAST, SCA, DAST, and pen testing
- +Strong application portfolio management and risk scoring
- +Developer security training integrated into the platform
- +Proven track record with nearly two decades in the market
Cons
- –Binary analysis requires compilation, slowing scan integration in CI/CD
- –Developer experience is less intuitive compared to Snyk's workflow approach
- –Enterprise pricing is not transparent and requires sales engagement
- –Scan upload and processing times can be lengthy for large applications
- –SCA capabilities are less comprehensive than dedicated SCA tools like Snyk
Best For
Security teams managing application security across large application portfolios, especially when binary analysis of third-party or legacy applications is needed
Community & Practitioner Evidence
Community Sources
- →Veracode questions on Stack Overflow[Stack Overflow]
User Reviews
No reviews yet. Be the first to share your experience!
As an Alternative (8 comparisons)
Black Duck vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Checkmarx vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
GitHub Advanced Security vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Mend.io vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Semgrep vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Snyk vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
SonarQube vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Trivy vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Sources & References
- Veracode — Official Website & Documentation[Vendor]
- Veracode Reviews on G2[User Reviews]
- Veracode Reviews on TrustRadius[User Reviews]
- Veracode Reviews on PeerSpot[User Reviews]
- Veracode questions on Stack Overflow[Technical Q&A]
Related Comparisons & Categories
Black Duck vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonCheckmarx vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonGitHub Advanced Security vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonMend.io vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonSemgrep vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonSnyk vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonSonarQube vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
ComparisonTrivy vs Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Are you from Veracode?
Claim this listing to update your product information, respond to reviews, and ensure accuracy.