Veracode
Cloud-based application security testing platform with SAST, SCA, DAST, and penetration testing
Pricing: Custom enterprise pricing
Reviewed by the CyberSecTool editorial team against the public sources cited below · Last reviewed February 2026 · How we review listings
What is Veracode?
Veracode is an established application security testing platform that offers SAST, SCA, DAST, and penetration testing through a cloud-based service. Founded in 2006, Veracode pioneered the binary-level SAST approach that analyzes compiled code without requiring access to source code, making it suitable for testing third-party and legacy applications. Veracode provides a centralized platform for managing application security risk across large portfolios, with strong reporting for security program management and compliance.
- ✓ Binary-level SAST enables testing without source code access
- ✓ Comprehensive platform covering SAST, SCA, DAST, and pen testing
- ✓ Strong application portfolio management and risk scoring
- ✓ Developer security training integrated into the platform
- ✓ Proven track record with nearly two decades in the market
- • Binary analysis requires compilation, slowing scan integration in CI/CD
- • Developer experience is less intuitive compared to Snyk's workflow approach
- • Enterprise pricing is not transparent and requires sales engagement
- • Scan upload and processing times can be lengthy for large applications
- • SCA capabilities are less comprehensive than dedicated SCA tools like Snyk
Reported in public reviews and vendor documentation. See sources below.
Key Features
Are you Veracode? Improve this listing with screenshots, case studies and more.
Sources & references
Where the information on this listing comes from. Always verify pricing and capabilities against the vendor before a purchasing decision.
Spot an error, or do you represent Veracode? Request a correction.
Quick Info
| Pricing | Custom enterprise pricing |
| Model | Enterprise license (application-based) |
| Founded | 2006 |
| Cloud | Yes |
| Self-Hosted | No |
Last updated: Feb 20, 2026
Veracode Alternatives
View All AlternativesDeveloper-first application security platform for finding an...SonarQube
Open-source code quality and security analysis platform with...Checkmarx
Enterprise application security platform with deep SAST, SCA...Semgrep
Lightweight, open-source static analysis with intuitive patt...GitHub Advanced Security
GitHub-native security scanning with CodeQL SAST, secret sca...