Veracode
Cloud-native application security testing
Category
AI Security & Vulnerability Detection
Platforms
web, cli, vscode, jetbrains
Pricing
Custom — Custom
Open Source
No
IDE Support
VS Code, JetBrains IDEs, Visual Studio
What is Veracode?
Veracode is a cloud-native application security testing platform offering SAST, DAST, SCA, and penetration testing. Its Veracode Fix feature uses AI to generate one-click code fixes for detected vulnerabilities.
Who is it for? Security engineers and teams who need automated vulnerability detection and code audits.
Key Features
Available on
Our Verdict
Solid enterprise security platform. Veracode Fix is a useful AI feature but the tool is best for organizations with mature security programs.
Pros & Cons
Pros
- + Cloud-native — no infrastructure
- + AI fix suggestions
- + Good compliance support
- + Pen testing integration
Cons
- - Expensive
- - Complex for smaller teams
- - SAST can be slow
- - No free tier or trial without sales contact
Pricing
Team
Custom
- SAST
- SCA
- IDE scanning
- Veracode Fix
Enterprise
Custom
- DAST
- Pen testing
- Full platform
Supported Languages & IDEs
Alternatives to Veracode
Semgrep
Fast, customizable static analysis for security
Free OSS 4.5/5
Snyk Code
AI-powered security code review
Free 4.4/5
GitGuardian
AI secrets detection and remediation for code
Free 4.4/5
SonarQube
Code quality and security platform with AI
Free OSS 4.3/5
Checkmarx
Enterprise application security testing platform
4/5
About Veracode
Company Veracode
Founded 2006
HQ Burlington, MA
Status Active
Data updated 2025-02-10