API Security, Visibility & Reporting, and SBOM Highlighted as Strengths in SSCS Leadership Compass 2023
Inaugural Evaluation is for Organizations Concerned with Supply Chain Risk and Securing Their Goods and Services
Burlington, Mass – September 12, 2023 - Veracode, a leading provider of intelligent software security solutions, today announced it has been named an Overall Leader in the inaugural Software Supply Chain Security (SSCS) Leadership Compass 2023 by KuppingerCole Analysts AG. The report assesses vendors based on innovativeness, market position, financial position, and tech ecosystem.
Figure 1: The Overall Leadership rating for the SSCS market segment
Veracode is also positioned as a Product Leader for functional strength and completeness of service, and an Innovation Leader for its customer-oriented upgrade approach in delivering cutting-edge features.
Richard Hill, Director of IAM Research and Lead Analyst at KuppingerCole, who authored the report, said, “Veracode’s customer base comprises SMB to enterprise-level organizations located primarily in North America, with good growth in the EMEA, APAC, and Latin America. It also supports a good partner ecosystem commensurate to those customer regions. Veracode is a leader in all KuppingerCole Leadership Compass categories and provides depth in source, API security, and vulnerability detection SSCS capabilities while providing visibility of key SSCS indicators. Veracode should be considered when evaluating SSCS solutions.”
Making Software Supply Chain Security a Top Priority
The software supply chain has hit headlines several times in recent years, most notably with the attack on SolarWinds in late 2020. These types of attacks led the U.S. government to issue an Executive Order on Improving the Nation’s Cybersecurity in May 2021, which called for the modernization of software security practices, such as mandating a Software Bill of Materials (SBOM) for products.
The Leadership Compass is the industry's most detailed and in-depth analysis of the emerging end-to-end software supply chain security market. It assesses a vendor’s ability to secure the entire software development life cycle (SDLC) process throughout the entire CI/CD (Continuous Integration/Continuous Delivery) pipeline. The study evaluates market segment, vendor service functionality, relative market share, and innovative approaches to providing SSCS solutions for specific organizational needs.
Continuous Software Security Throughout the SDLC
Veracode’s integrated platform bridges the needs of security and development teams by seamlessly embedding application security into the SDLC. Powered by nearly two decades of proprietary data, the platform provides a comprehensive view of risk, remediation guidance, and progress at every stage of the development process.
In the SSCS Leadership Compass, Veracode’s platform was hailed for strengths in API security features, visibility and reporting, vulnerability & secrets detection, and offering multiple SBOM formats. The company was also evaluated for its good customer growth and global partner ecosystem.
Eric Swenson, Vice President of Product Marketing at Veracode, said, “Increased reliance on third-party and open-source code, combined with emerging regulations to drive standardization and governance, has made supply chain security a top priority for organizations. Until recently, they haven’t had all the necessary data to make an informed decision on how best to mitigate risk in their supply chains. The KuppingerCole SSCS Leadership Compass is the best definition of this emerging market to date. We are proud to position as a leader in every category, and achieve a Strong Positive for every product capability analyzed.”
To read a complimentary copy of the SSCS Leadership Compass 2023, visit the KuppingerCole website.
To learn more about intelligent software security from Veracode, please visit veracode.com/platform.
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com, on the Veracode blog, on Linkedin, and on Twitter.
Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.