/jun 23, 2020

Veracode Achieves AWS DevOps Competency Status

By Ian Mcleod

We are pleased to announce that we have earned the AWS DevOps Competency status, which recognizes that Veracode provides proven technical proficiency and customer success helping organizations implement continuous integration and delivery practices on AWS. To receive the designation, APN Partners must possess deep expertise and deliver solutions seamlessly on AWS.

Why does this matter? Because your software development is changing, and this AWS competency indicates our work to make sure security can keep up. In fact, a recent GitLab survey found that 59 percent of companies now deploy multiple time a day, once a day, or once every few days. At the same time, security risk has largely shifted to the application layer (the 2020 Verizon Data Breach Investigations Report found that web applications are the most popular attack vector), leaving modern developers on the security front lines. Developers need to produce more code, on more frequent release cycles, and find and fix security flaws without missing a beat.

We’re focused on helping modern developers face these new challenges. Nearly 200,000 developers are using Veracode solutions to identify and fix flaws, and Veracode customers have fixed more than 51 million security flaws to date. Our most recent State of Software Security report found that in a recent 12-month period, our customers addressed 76 percent of the high-severity flaws found in their code.

As a leading cloud-native application security provider, we inherently understand modern software development and our unique platform provides the integrations, flexibility, and analytics to make security a core component of the development process.

Speed, automation, and the right technology support are critical to making developers of secure cloud applications successful. Our deep AWS support includes integration with AWS CodeStar, allowing developers to initiate application security scans from AWS CodeBuild and AWS CodePipeline. In addition, our support for AWS Lambda, as well as AWS Software Development Kits for Python, JavaScript, and Node.js (with more coming soon) will further help developers deliver highly secure, cloud-native applications.

We’re continuing to deliver on these needs through evolution of our core software. For instance, developers are using our fast and accurate IDE Scan to find and fix flaws in their code as they’re writing it. They’re using our Software Composition Analysis to get insight into which open source libraries in their code are vulnerable, and which ones are truly increasing risk and should be updated. And they’re building AppSec skills through hands-on-keyboard experience with our Veracode Security Labs.

One of our customers recently noted of working with Veracode, “The benefits are quick discovery and understanding of software vulnerabilities that we are putting in our own code. By discovering them quickly enough, we can triage them and determine the best ways to remediate them and prevent them from happening in the future.”

We’re also delivering on these modern development needs by leveraging secure, highly available, and scalable services provided by AWS. We’ve architected some of our newer offerings from the ground-up using AWS services like Lambda and KMS, and have also done extensive refactoring across our full platform to use AWS services in a secure manner.

Our AWS DevOps Competency differentiates us as an AWS Partner Network (APN) member, and it is a key step in our strategy to support developer tools and platforms.

Veracode’s mission is to help you confidently and efficiently create secure software that moves your business forward. To achieve that mission, we’re constantly evolving our technology to address changes in software development and anticipate future needs for software security.

Learn more about our AWS partnership here.

Related Posts

By Ian Mcleod

Ian McLeod is Chief Product Officer and heads product strategy and management. With more than 20 years’ experience in product management and engineering leadership roles, McLeod brings deep experience building products that support and integrate into the software development lifecycle while meeting the complex challenges created by new trends in software development. He leads Veracode’s innovation strategy and guides the company in providing secure software solutions that support DevSecOps environments. Previously, McLeod served as Chief Product Officer at Rogue Wave Software and held executive management roles at SmartBear Software, PHT Corporation, Segue Software, and Rational Software.