Veracode Advances Cloud-Native Application Security with Longbow Acquisition

As I travel around the world meeting with customers and prospects, we often discuss the tectonic shifts happening in the industry. At the heart of their strategic initiatives, organizations are striving to innovate rapidly and deliver customer value with uncompromising quality and security, while gaining a competitive edge in the market. They are embracing DevOps methodologies and leveraging open-source technologies, accelerating deployments across multi-cloud environments to enhance agility and responsiveness. The biggest challenge they face is acquiring a comprehensive view of all the assets in their portfolio as they are deployed across multi cloud end points.  

Security teams are overwhelmed by alert fatigue coming from sometimes 20+ tools that each provide a different view of risk. The biggest challenge is aggregating this risk from disparate sources, prioritizing it and identifying the next best action to take to secure their software assets. Compounding these challenges is the fact that engineering teams are overwhelmed as they’ve increased their cognitive load as they design, implement, integrate, deploy and monitor their software across cloud endpoints. Both security teams and developers are desperate to find a solution that shows risk in one single view. Many Application Security Testing vendors do a good job of reporting application risk but don’t provide a comprehensive view of risk, until now. 

I am thrilled to announce Veracode’s acquisition of Longbow Security, a pioneer in security risk management for cloud-native environments, is available to our customers to close this gap. The acquisition marks the next exciting phase of Veracode, underscoring our commitment to managing and reducing risk related to building and running applications across multi cloud environments. 

The combination of Veracode and Longbow Security, brings together best-in-class application security with cloud-native risk management for a continuous view of an organization’s application security posture, from code to cloud.  Security teams will now be able to centrally discover cloud and application assets and assess their threat exposure using automated issue investigation and root cause analysis. All of this means faster response teams for stretched security teams and lower overall risk for organizations.   

Today 71 percent of organizations are shouldering the burden of security debt (flaws in applications that remain unfixed for one year). Teams need the ability to rationalize security risk across their tools and intelligently prioritize remediation at scale.  With Longbow, customers can address these challenges in four ways:    

• Unified visibility of risk across applications, code, and cloud. This gives teams insight to tackle significant issues that matter most to the business.   
• Orchestrated remediation from code to cloud, enabling teams to prioritize and remediate with Veracode’s AI-driven fix capabilities.  
• Actionable insights with ‘Best Next Action’ advice, so customers can conduct a root cause analysis and pinpoint the best path to remediation.   
• Continuous monitoring and assessment via real-time vulnerability discovery across application portfolios and runtime environments, meaning customers know exactly what is running and where.   

We are delighted to welcome Longbow Security to the Veracode family and expand our platform capabilities with industry-defining application security risk management. This acquisition reinforces our commitment to advancing cloud-native application security and enables our customers to navigate the evolving threat landscape with confidence.   

Longbow Security Risk Platform is available immediately. To learn more about the enhanced capabilities and benefits of the Veracode and Longbow integration, visit the Longbow website today.    

For more information on the acquisition go here for the press release.   

To schedule a demo, please go here.