How Software Security Ratings Work | Veracode

How the Ratings Work

Determine the Assurance Level (Business Criticality) for each Application

  • First, an assurance level is assigned to each application based on business risk factors such as reputation damage, financial loss, operational risk, sensitive information disclosure, personal safety, and legal violations.
  • Assurance levels are typically determined either by the enterprise looking to deploy third-party software, to establish acceptable risk levels prior to purchase, or by software vendors, who will typically opt for higher assurance levels to increase the marketability of their applications.

Download our assurance level worksheet to determine the business criticality of your applications.

Assess Software for the VerAfied Mark

  • Veracode applies specific assessment techniques based on the assurance level.
  • Veracode then assigns a rating for each application based on the number and severity of vulnerabilities found.
  • Applications that receive the highest rating earn the VerAfied security mark, which organizations can promote as a competitive differentiator.

Application Security Ratings