The ability to rate software security levels allows companies to manage risk by determining whether or not the software meets their requirements.

– Diana Kelley, principal analyst, SecurityCurve

Free Trial callout

Standards-Based Ratings

VerAfied Software Assurance

Veracode's Risk Adjusted Verification Methodology, offers the industry’s first standards-based ratings system for determining security levels in software. The VerAfied mark provides a pragmatic way for enterprises and Independent Software Vendors (ISVs) to measure, compare and improve application security levels.

Verified Security Mark

The VerAfied security mark is quality indicator for the security level of applications and software components developed in-house or purchased from a third-party. Independent software vendors and enterprises gain insight into the security quality of software similar to that provided by Moody's®, Standard and Poor's® or Consumer Reports®. The software rating is completely transparent and based on industry-standards. Software that receives top ratings, can be actively promoted by the producing software vendor.

The VerAfied security mark indicates that software has been independently assessed against the OWASP Top 10 and SANS Top 25 for technical flaws using automated static binary analysis and/or dynamic analysis and has been found to have reached an acceptable level of security quality.
The VerAfied High Assurance security mark indicates that software has undergone additional manual application penetration testing to identify flaws in business logic and design and has been found to have reached an acceptable level of security quality.

Learn More about Veracode Risk Adjusted Verification Methodology.