What is Veracode Static Analysis?
Veracode Static Analysis provides fast, automated security feedback in the IDE and the pipeline, and conducts a full policy scan before deployment. It then provides clear guidance on what issues to focus on and how to fix them faster.
Company Details
Need Assistance?
We're here to help you with understanding our reports and the data inside to help you make decisions.
Get AssistanceVeracode Static Analysis Ratings
Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard
to access more information on Veracode Static Analysis.
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
83 Likeliness to Recommend
3
Since last award
92 Plan to Renew
8
Since last award
78 Satisfaction of Cost Relative to Value
6
Since last award
Emotional Footprint Overview
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
+88 Net Emotional Footprint
The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.
How much do users love Veracode Static Analysis?
Pros
- Helps Innovate
- Continually Improving Product
- Enables Productivity
- Trustworthy
How to read the Emotional Footprint
The Net Emotional Footprint measures high-level user sentiment towards particular product offerings. It aggregates emotional response ratings for various dimensions of the vendor-client relationship and product effectiveness, creating a powerful indicator of overall user feeling toward the vendor and product.
While purchasing decisions shouldn't be based on emotion, it's valuable to know what kind of emotional response the vendor you're considering elicits from their users.
Footprint
Negative
Neutral
Positive
Feature Ratings
Vulnerability Scanning
Interactive Application Security Testing (IAST)
Software Composition Analysis (SCA)
Container Security Testing
Static Application Security Testing (SAST)
Risk Scoring
False Positive Remediation
Mobile Application Security Testing
Dynamic Application Security Testing (DAST)
Policy Engine and Enforcements
SDLC Integration
Vendor Capability Ratings
Ease of Implementation
Ease of Data Integration
Ease of Customization
Ease of IT Administration
Quality of Features
Usability and Intuitiveness
Vendor Support
Business Value Created
Availability and Quality of Training
Breadth of Features
Product Strategy and Rate of Improvement
Veracode Static Analysis Reviews
Amit C.
- Role: Industry Specific Role
- Industry: Healthcare
- Involvement: End User of Application
Submitted Mar 2024
This is an Amazing product
Likeliness to Recommend
What differentiates Veracode Static Analysis from other similar products?
Veracode scans files, classes, and small packages, Veracode Static Analysis can be used to test the entire application.
What is your favorite aspect of this product?
clear guidance on finding, prioritizing, and fixing issues
What recommendations would you give to someone considering this product?
It enabling you to discover and inventory all of your external web applications
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Performance Enhancing
Rajat S.
- Role: Information Technology
- Industry: Engineering
- Involvement: IT Development, Integration, and Administration
Submitted Mar 2024
Veracode boasts a powerful scanning engine
Likeliness to Recommend
What differentiates Veracode Static Analysis from other similar products?
Unlike most SAST tools that require source code, Veracode can analyze compiled binaries. This is crucial for applications where source code isn't readily available, expanding its reach
What is your favorite aspect of this product?
Each vulnerability has a detailed explanation, helping developers understand the root cause and potential impact. Veracode prioritizes vulnerabilities based on severity and exploitability, allowing developers to focus on the most critical issues first.
What do you dislike most about this product?
Veracode is a commercial product with tiered pricing plans, which can be expensive for smaller teams or those with limited budgets. Setting up and configuring Veracode can be challenging for beginners, especially for teams unfamiliar with SAST tools. The comprehensive nature requires some learning curve.
What recommendations would you give to someone considering this product?
Consider your team's experience with SAST tools. If your team is new to these tools, the initial learning curve for Veracode might be steeper.
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Performance Enhancing
Saurabh G.
- Role: Information Technology
- Industry: Engineering
- Involvement: Initial Implementation
Submitted Mar 2024
"Great tool to find security flaws"
Likeliness to Recommend
What differentiates Veracode Static Analysis from other similar products?
My company is using Veracode as the first item to be run before a Application Security Review. It shows the items that are the possible problems before running a dynamic vulnerability scan.
What is your favorite aspect of this product?
Veracode is good static analysis tool to find security flaws. I use this tool to scan my java microservices jar files. it's easy to configure. It does not require source code and accepts binary files and scans them. We can either manually scan files or integrate with jenkin so jars are auto scanned on every build.
What do you dislike most about this product?
Can take some time. It could be better if scanning time is improved.
What recommendations would you give to someone considering this product?
Just give it a try and see how much better you will operate!
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Performance Enhancing
