Cybersecurity

Veracode

SaaS application security platform — SAST, DAST, SCA, and penetration testing services for enterprise AppSec programs.

Enterprise
Pricing Tier
Medium
Learning Curve
1–3 months for rollout
Implementation
large, enterprise
Best For
Visit website ↗🔖 Save to StackAsk AI about Veracode
Use when

Enterprises needing a managed SaaS AppSec provider with strong reporting, binary scanning, and bundled professional services.

Avoid when

Developer-first teams — Veracode's workflow is slower and more compliance-oriented than Semgrep or Snyk.

What is Veracode?

Veracode is one of the original SaaS AppSec vendors, focused on regulated industries (finance, healthcare, government). The platform covers SAST (binary and source), DAST, SCA, and container scanning, and is bundled with Veracode's penetration testing and AppSec consulting services. 2024 additions include Veracode Fix, an AI-powered remediation assistant, and Veracode Risk Manager (formerly Longbow).

Key features

Binary SAST (scans compiled artifacts)
SCA with reachability analysis
DAST and API scanning
Veracode Fix AI remediation
Application Security Maturity reporting

Integrations

JiraJenkinsGitHubAzure DevOps
💰 Real-world pricing

What people actually pay

No price data yet — be the first to share

Sign in to share

No price data yet for Veracode. Help the community — share what you pay (anonymized).

User Reviews

Be the first to review this tool

Sign in to review