May 1, 2018

Building for the Next Generation of Application Security

By Debashis Das

We talk a lot about the digital transformations going on around us – about how organizations of every size and shape are transforming how they do business in order to keep pace with customers and competition in a digital world. But we at Veracode are undergoing a transformation of our own. We are evolving to ensure our architecture and processes are optimized to meet our customers’ needs in this fast-paced digital world.

What does our architecture evolution look like? We are working to improve our scanning performance by refreshing our infrastructure, re-architecting our platform as a set of microservices, and deploying those services on AWS and using managed AWS services.

Hardware infrastructure improvements: In an effort to improve our scanning performance, we completely refreshed our underlying compute, storage, and networking infrastructure last year. Those changes have resulted in significant improvements in scan times for most customer scans, and given us greater flexibility in responding to sudden increases in customer demand.

Re-architecting the platform to leverage microservices: To deliver new functionality and fix issues more quickly, we have worked hard to re-architect our platform using the microservices architecture pattern. We’ll continue this effort going forward, but the results are already visible to customers in the form of higher feature velocity, targeted scalability improvements, and better performance.

In addition, to enable the kinds of automation and integration that customers require as they embrace DevOps processes, we’ve increased our emphasis on APIs and integrations. During this year, we’ll release an increased number of RESTful APIs and integrations that our customers and partners can use to make scanning and remediation more seamless. This enables developers, security teams, and risk management professionals to work within the tools of their choice while still gaining all the power and insights of the Veracode platform.

Increased use of AWS: As our customers continue to move toward DevSecOps processes for their software development and operations, we’re seeing increases in scan frequency and the need for increased speed and scalability. We’re continuing to deliver on these needs via evolution of our core software, and by leveraging secure, highly available, and scalable services provided by AWS. While we’ve architected some of our newer offerings such as Veracode Static Analysis IDE Scan from the ground up using AWS services like Lambda and KMS, we’ve also done extensive refactoring across our full platform to use AWS services in a secure manner where it makes sense. Some of the benefits customers can expect from this evolution include:

  • Robust security controls and increased levels of data protection
  • Faster scan times
  • Improved API response time
  • Accelerated report generation
  • Faster delivery of new features and services
  • Reduced maintenance window downtime
  • Analytics dashboards

We take the security of our customer data seriously. Protecting that data has always been, and always will be, a top priority. Veracode’s AWS implementation adheres to the same rigorous attestation and security review processes that we have always used. Customer data, while in the AWS cloud, is encrypted both at rest and in transit. Access to customer data by the software services that make up the Veracode Platform follows the principle of least privilege and requires authorization.

Looking ahead

As our customers transform the way they create software, we’re transforming the way we secure it. Our customers are clear in what they need from Veracode in the years ahead: fast scan times, accurate results, easy integrations into their security and development tools, new products that meet their emerging needs, and, most of all, a combination of technology, expertise, and service that helps them more effectively find and fix vulnerabilities. Through investments on all those fronts, we’ll continue to ensure that Veracode remains the clear leader in application security.


Debashis Das is Vice President, Architecture at CA Technologies, responsible for enterprise architecture at the Veracode business unit. In this role, he is leading the transformation of Veracode to a cloud native, scalable and microservice-based application security platform. He is also an active driver and partner for the adoption of secure DevOps practices within Veracode's engineering organization and the rest of CA.