Our latest business and technology news

View: All | Press Releases | In the News | Events

In the News Apr 18 2017 TechTarget

Shadow Brokers' Windows exploits target unsupported systems

A new release of NSA cyberweapons falls flat as Windows exploits from the Shadow Brokers have mostly been patched, but unsupported systems still at risk. Chris Wysopal, CTO and co-founder of Veracode, said the timing of the release "was well designed." "Some of the exploits are for Windows Vista which was just end-of-lifed on Tuesday [last] week. This means they may never get patches for the vulnerabilities," Wysopal told SearchSecurity. 


In the News Apr 12 2017 Information Security Buzz

Microsoft Word Zero-Day Vulnerability

Following the news that a new zero-day vulnerability that affects all supported versions of Microsoft Word has been uncovered and is already being used to launched attacks. Paul Farrington,  Manager, EMEA Solution Architects at Veracode comments "the Microsoft engineers will not only need to devise a patch for this vulnerability, but also to remodel their threat assessment of this type of file interaction. They will need to make the opening of untrusted Word documents a viable option once again, else a major benefit of this word processing software would be seriously weakened."

In the News Apr 11 2017 Forbes

Why The Application Travelator Needs More Handrails

In the News Apr 11 2017 Enterprise Times

Microsoft Word hit by zero-day vulnerability

FireEye Labs has warned of a zero-day vulnerability affecting Microsoft Word. The warning came in a blog by Threat Researcher, Genwei Jiang. In the blog, Jiang says FireEye alerted Microsoft to the vulnerability a few weeks ago and that Microsoft was already working towards a fix. At first glance this seems like just another attack that can be quickly patched and resolved. However, Paul Farrington,  Manager, EMEA Solution Architects, Veracode, a company recently acquired by CA says it is much more serious than that.

In the News Apr 08 2017 Crain's Chicago Business

A Frightening new frontier for hackers: Your medical records

As health records have gone digital in the past seven years, they've become far more vulnerable to poaching—and far more valuable to thieves, who can sell a complete medical record for more than $1,000 on the darknet. That's because the records contain not just your insurance info which can be used for fraudulent billing and prescriptions, but also Social Security, driver's license and credit card numbers. As a result, the health care industry is scrambling to play catch-up to secure patient and hospital data.

In the News Apr 05 2017 TechBeacon

DevOps delivers savings and speed, so focus on strategy

If there's one thing that the DevOps community fetishizes, it's speed. Release velocity is the glitziest measuring stick by which conference circuit speakers, case study writers, and DevOps evangelists can compare successes. In spite of all the chatter, though, the truth is that speed of delivery is only a secondary driver for many organizations. Conducted among more than 500 development and IT professionals, the survey, sponsored by HPE, examined both motivations and influencers of DevOps motivations.

Press Release Apr 04 2017

Veracode Helps Developers Reduce Risk and Decrease Time to Production with New Static Analysis Features

Custom Cleansers, Accelerated Results, Greenlight Auto-Scan and Perl language enable Secure DevOps by expanding ability to make automated security testing part of the development process.

In the News Apr 04 2017 ZDNet

Have security conferences become an 'army of noise'?

Of the hundreds of security conferences, large and small, the vast majority are interchangeable in terms of content, speaker profiles, and outside events. However, some up-and-coming conferences are working to reduce what's become an "army of noise," providing better opportunities for attendees and novice presenters.

In the News Mar 21 2017 TechTarget

WikiLeaks' disclosure of CIA hacks comes with requirements

WikiLeaks promised it would share details of the CIA hacks found in the Vault 7 documents with affected vendors, but the outlet also has mysterious demands it wants met before disclosing vulnerability information. When WikiLeaks first claimed it would work with the software vendors to patch the vulnerabilities found in the CIA hacks, experts were wary of whether WikiLeaks could follow through on its promises. 


In the News Mar 14 2017 eSecurity Planet

Multi-Factor Authentication: A Critical Security Tool for Enterprises

Multi-factor authentication provides a more secure option than passwords and ID alone. We take a comprehensive look at MFA security, two-factor authentication, mobile authentication, biometrics and vendors, and issues to consider before adopting an MFA solution.

In the News Mar 09 2017 Infosecurity Magazine

Apache Struts 2 Puts 1000s of Web Apps at Risk

Researchers have uncovered hackers actively exploiting a code-execution bug residing in thge Apache Struts 2 web application framework - potentially affecting tens of thousands of applications throughout the internet. Veracode CTO and co-founder Chris Wysopal, who dubbed the flaw Struts-Shock, noted that this type of coding problem can have vast consequences. The extensive use of components can cause a vulnerability to become widespread. What once would have been isolated to a single application, now can impact tens of thousands of applications. 

In the News Mar 08 2017 Fortune

Term Sheet: Acquisition, Secured

CA Technologies announced Monday that it would purchase Veracode, a Massachusetts-based application security firm, for $614 million in cash. The company had raised about $110 million before privately filing for an IPO two years ago, as Fourtune then reported. The acquisition shows just how much DevOps (short for software development and IT operations) has become all the rage in techland.

In the News Mar 07 2017 Axios

CA is buying Veracode for $614 million

"CA Technologies, a company focused on digital transformation of businesses, yesterday announced that it will acquire Veracode, a Burlington, Mass.-based provider of application security solutions, for $614 million in cash." - Dan Primack

In the News Mar 07 2017 Xconomy

With Sale to CA Technologies, Veracode Will "Cast Longer Shadow"

“The shortlist of Boston-area tech companies on deck for an initial public offering got shorter after Monday’s announcement that Veracode has agreed to be sold to CA Technologies for $614 million in cash. The 11-year-old Veracode, which helps businesses secure and test their software applications, had raised around $150 million in venture capital, according to a spokeswoman. The company seemed like it was on an IPO path for the past couple of years. “It very much was an option,” says Veracode CEO Bob Brennan” - Jeff Engel

In the News Mar 07 2017 ZDNet

CA Technologies acquires Veracode

“CA Technologies on Monday announced it's acquiring Veracode, a SaaS-based secure devOps platform provider, for approximately $614 million in cash. The deal is expected to close in Q1 of fiscal year 2018. The acquisition, CA Technologies said, should help unify its security and its devOps portfolios, giving customers a platform to allows them to integrate security directly into software development.” - Stephanie Condon

In the News Feb 23 2017 The Christian Science Monitor

The rise of the chief digital officer and six other takeaways from RSA 2017

Rapid technological change and the growing professionalism of cybercriminals drives businesses to get more sophisticated about their digital security. To discuss these trends, Passcode and Highwire PR gathered seven security industry experts on the sidelines of the RSA conference in San Francisco. 

In the News Feb 17 2017 PCWorld

Here’s how the US government can bolster cybersecurity

Almost 20 years ago, Chris Wysopal (@WeldPond) was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet. Unfortunately, the U.S. government is still struggling to act, he said. "You’re just going to keep ending up with the status quo," he said, pointing to the U.S. government's failure to regulate the tech industry or incentivize any change. It’s a feeling that was shared by the experts who attended this week’s RSA cybersecurity show. - Micahel Kan

In the News Feb 16 2017 PCWorld

Experts at RSA give their best cybersecurity advice

The top vendors from across the industry are here, showing products for fighing ransomware, preventing data breaches and more. But even the security software is useless if users and businesses aren’t taking the right steps to protect themselves. So we asked experts at the show for their best cybersecurity tips. - Michael Kan

In the News Feb 15 2017 Dark Reading

Veracode Tackles App Sec & The Pace Of DevOps


At the RSA Conference, Pete Chestna, Director of Developer Engagement at Veracode, discusses the persistent challenges of both continuous delivery and relentless attacks on the application layer. - Micahel Krieger

In the News Feb 14 2017 Infosecurity

RSAC: Interview: Chris Wysopal, CTO & Co-Founder, Veracode

Live on RSACTV at the Moscone Center in San Francisco, Infosecurity Magazine interviewed Chris Wysopal (@WeldPond), CTO and co-founder of Veracode, about the evolution and future of the infosec industry.

In the News Feb 13 2017 Dark Reading

National Security, Regulation, Identity Top Themes At Cloud Security Alliance Summit

RSA CONFERENCE -- San Francisco – While deep conversations about DNS infrastructure and Dyn DDoSes were absent, the most popular refrains at today’s Cloud Security Alliance Summit here were related instead to regulation, identity, and how to use the cloud to improve security. Keynote speaker Gen. Keith Alexander (ret.) -- who served as the first commander of the US Cyber Command from 2010 to 2014 and director of the NSA from 2005 to 2014 - proposed a new model for securing government systems. - Sara Peters

In the News Feb 10 2017 GovInfoSecurity

Secure Coding: The Rise of SecDevOps

For too long, ensuring that code is securely written - and bug free - has been a business afterthought. But there's been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the spplication security firm Veracode. DevOps - a truncation of software development and IT operations - incorporates aspects of agile development, including short sprints - perhaps just two weeks in length - that involve planning, designing and implementing new, working software or additional functionality, backed by having customers embedded into the coding team. - Matthew J. Schwartz

Press Release Feb 09 2017

Veracode Appoints International and Channel Executives to Support Rapid Growth of Application Security Market

Tony Caine to Serve as Executive Vice President and General Manager of International Operations, Leslie Bois as Vice President, Global Channel



contact menu