/mar 4, 2019

Newly Independent Veracode Achieves Record Growth as Businesses Adopt Its Application Security Platform for DevSecOps

Market-leading Application Security Platform Added 750 New Customers in Past Year Driven by Need to Integrate Security at Speed into the Software Development Lifecycle

BURLINGTON, Mass. – March 4, 2019 – Veracode, a leading provider in application security testing (AST), today announced that it has achieved rapid growth in its global customer base as more businesses seek to create secure software using its market-leading application security platform.

Veracode, acquired by leading private investment firm Thoma Bravo LLC in January 2019 for $950 million, is addressing customer needs with new product innovations that give companies a competitive edge by embedding security directly into the software development lifecycle (SDLC). Companies are using Veracode in Agile, microservices, DevSecOps, cloud native apps, and APIs.

The application security market is poised to grow to $7 billion by 2023, according to a report by Forrester Research, fueled by rapid proliferation of software and an increased cadence of application layer breaches. To ensure the software they are building, buying and downloading is secure, organizations around the world are adopting the full suite of solutions offered by the Veracode platform to create secure code.

“As companies use and build software to facilitate change in their industries and help solve complex issues facing society, there is a growing need to ensure that software is secure,” said Veracode Chief Executive Officer Sam King. “The importance to the rest of the business is critical – they can innovate in scientific research, automation, healthcare, economic development, and other pioneering efforts in their industries with confidence because they know their software is built securely. Our mission is to help our customers change the world by enabling them with a platform that can scale to their needs, cover the entire application security portfolio, and reduce risk from cyber threats targeting software vulnerabilities.”

Veracode business milestones in the past year include:

  • Crossing 9 trillion lines of code scanned all time, and 40 million flaws fixed
  • Seamless integrations across the SDLC resulting in as much as 90 percent reduction in remediation costs and improved integration into the CI/CD pipelines
  • More than doubling scan activity per month as customers utilize Veracode APIs to embed scanning into DevSecOps pipelines, resulting in fixing vulnerabilities 11 times faster
  • 20 percent increase in worldwide employee base since January 2018, with more than 30 percent of employees being women, and more than 30 percent of the company’s leadership being minorities
  • Added 750 new customers in the past 12 months
  • Closed on the acquisition of SourceClear to enhance open source security for enterprises
  • Listed as #1 AppSec vendor by IT Central Station

Veracode’s cloud-based platform helps security teams and software developers find and fix security-related defects at all points in the software development lifecycle, remediating flaws in code before they can be exploited by hackers.

New features include:

  • Accelerated Dynamic (DAST) for Contemporary Web Applications: Veracode’s new scalable architectural approach allows for seamless deployment so customers can easily configure to scan internal applications in the cloud, within containers, on a virtual machine or bare metal; customize scans for organizational compliance; and scan multiple applications using a single endpoint. This new architecture brings increased speed and coverage to the Veracode DAST platform, enhanced scale, and improved operational efficiency.
  • Veracode Analytics: Customers are able to view real-time performance of their application security program via customizable dashboards. The analytics platform, which is standard for every customer, allows organizations to measure and track mean time to resolution for vulnerabilities they identify, more accurately track risk reduction, and provide insights into flaw remediation. Veracode Analytics provides powerful visibility into the application security program for all teams across all applications, and offers impactful, real-time visuals for C-suite leaders, Board members, and other executives to understand the return-on-investment of application security.
  • Software Composition Analysis (SCA) integration: Veracode offers the ability to scan Docker containers using RHEL (Red Hat) or CentOS. Veracode SCA currently covers more than 1.5 million different and unique open source libraries, and almost 14 million different versions of those libraries. Veracode’s database includes all of the open source vulnerabilities in the National Vulnerability Database (NVD) as well as a proprietary list of vulnerabilities in open source libraries that were uncovered using Veracode’s proprietary Machine Learning algorithms.
  • Language support: The Veracode platform now supports more than 100 languages and frameworks, including support for Go, Scala and Python.

Veracode is at RSA Conference 2019, stop by and see us at booth #N 6161 for demos, cool giveaways, and conversations with thought leaders and Sophia, the world’s first humanoid citizen. Learn more about Veracode’s application security platform here

1. Forrester Analytics: Application Security Solutions Forecast, 2017 To 2023 (Global), Forrester Research, Inc., Aug. 7, 2018

About Veracode
With its combination of automation, process, and speed, Veracode becomes a seamless part of the software lifecycle, eliminating the friction that arises when security is detached from the development and deployment process. As a result, enterprises are able to fully realize the advantages of DevOps environments while ensuring secure code is synonymous with high-quality code. 

Veracode serves more than 2,000 customers worldwide across a wide range of industries. The Veracode Platform has assessed more than 8 trillion lines of code and helped companies fix more than 36 million security flaws.

Learn more at www.veracode.com, on the Veracode blog and on Twitter.

Copyright © 2019 Veracode, Inc. All rights reserved. All other brand names, product names, or trademarks belong to their respective holders.

Media Contact:

Pete Daly
[email protected] 

About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Copyright © 2024 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.


Press and Media Contacts

Katy Gwilliam,
Head of Global Communications, Veracode
[email protected]
Related Links


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image

    and Tricks

  • resource image

    & Podcasts

  • resource image

    and eBooks