Veracode application analysis tools cover web and mobile apps, as well as microservices in most major programming languages and frameworks. In addition, development teams can automate analysis in the pipeline with Veracode's integrations.
The Veracode Static Analysis family enables teams to quickly identify and remediate application security flaws. From scans in the IDE and in the pipeline right into deployment, Veracode Static Analysis helps ensure that no security defects escape to the master branch and production. Veracode delivers a false-positive rate of less than 1.1 percent without rule tweaking or manual reviews.
Penetration testing uses ethical hackers to manually test web, mobile, desktop, back-end, and IoT applications to identify vulnerabilities automated testing can’t find.
Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.
*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.