Veracode Launches Application Security Company; Secures $19.5 million in Funding
Security Industry Experts Launch New Company and Unveil On-demand Application Security Solutions
Burlington, Mass. – January 22, 2007 – Veracode, Inc. today officially launched as a company and announced it has raised $19.5 million in venture capital funding. Spearheaded by leading security industry experts, Veracode is offering the industry's first automated, on-demand security analysis solutions delivered through a Software-as-a-Service (SaaS) platform.
The Company also unveiled today the Veracode SecurityReview™ solutions, which allow organizations to discover security flaws in software automatically, without releasing their valuable source code. Veracode SecurityReview is the industry's first automated, on-demand application security analysis service. Whether a company is buying or building software, Veracode helps improve the security quality of applications.
Veracode's patented binary analysis provides a comprehensive way to identify and remediate the security flaws in software that put businesses at risk. The ability to assess application security without source code means organizations benefit from analysis of the full application, including linked libraries, without the need to expose valuable intellectual property. The Veracode outsourced business model helps companies avoid costly measures such as deploying tools or hiring in-demand security experts. No hardware, software or other resources are required for installation, maintenance or upgrades.
"Enterprises today have been largely successful in securing their perimeter networks. Unfortunately, the application layer has now emerged as the criminal's new favorite target," said Matthew Moynahan, CEO of Veracode, Inc. "We believe that on-demand application security as an outsourced service is an easier, more accurate, more thorough and less intrusive way to raise the security level of software.
Analyst Predicts Application Security Testing as a Service will Grow
Gartner analysts Joseph Feiman and Neil MacDonald also state in the report, "Security testing technology vendors help enterprises by offering scanning as a service -- performing vulnerability detection for enterprises, thus mitigating a lack of skills in IT departments."
Veracode SecurityReview™ - Three Solution Offerings
"Since Veracode code reviews work at the binary level, they can assess risk across mixed code bases. This provides enterprises with an easy and effective way to determine acceptable risk levels for internally or externally developed applications, said Rhonda MacLean, founder, MacLean Risk Partners and former CISO of Bank of America. "At the same time, it ensures that newly purchased software meets acceptable security thresholds before it is integrated into existing software. Companies that depend on secure and reliable code to meet today's fast-paced business demands should look at Veracode's solutions as part of their development life cycle management. It just makes good business sense.
Veracode Attracts Leading Venture Firms/ Technology Corporations
"Veracode's strength lies in its unique intellectual property, innovative service delivery model and veteran executive team, said Simeon Simeonov, partner at Polaris Venture Partners. "That combination establishes the foundation for a category-leading company that can significantly improve how enterprises approach application security and manage software risk.
"Securing business applications is key to protecting corporations, said Jeff Fagnan, partner, Atlas Venture Inc. "With the majority of all application security vulnerabilities being traced back to insecure programming, Veracode is uniquely positioned to capture market attention quickly.
"Today's business environment requires stringent attention to software security, especially as more and more companies move toward digital distribution of goods and services," said Corey Ferengul, senior vice president of product and solutions management for Macrovision. "Veracode's SecurityReview solutions have been developed to offer developers and enterprises the ability to quickly and inexpensively identify security risks and to help maximize the value of technology investments and customer relationships.
As the most accurate and comprehensive solution, Veracode makes it simple and cost-effective to implement application security best practices and reduce operational costs related to manual reviews. Whether a company is developing applications internally, purchasing software or integrating code from partners, Veracode's SecurityReviewTM provides insight to the security level of your applications. Outsourcing code analysis to Veracode is the easiest way to secure your software. With a pragmatic approach to application security, Veracode helps you fix what matters most to your business.
Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas Venture and Polaris Venture Partners. Veracode founders and executive team include industry experts from @stake, Guardent, ISS, Salesforce.com, Symantec and VeriSign. http://www.veracode.com/
1) Gartner, Inc., "Key Process Trends and Best Practices in Application Security Testing Markets, by Joseph Feiman and Neil MacDonald. December 19, 2006.