Veracode Helps Developers Reduce Risk and Decrease Time to Production with New Static Analysis Features
Custom Cleansers, Accelerated Results, Veracode Static Analysis IDE Scan and Perl language enable Secure DevOps by expanding ability to make automated security testing part of the development process.
Custom Cleansers, Accelerated Results, Veracode Static Analysis IDE Scan and Perl language enable Secure DevOps by expanding ability to make automated security testing part of the development process
BURLINGTON, Mass. – April 5, 2017 – Veracode, a leader in securing the world’s software and recently acquired by Veracode (NASDAQ: CA), today announced four new features in its industry-leading application security platform: Accelerated Results, Custom Cleansers, Veracode Static Analysis IDE Scan and Perl language support. With these new features, Veracode is further enabling developers to work faster and more securely across more applications.
To keep up with the growing demand for applications, the nature of software development is changing. Developers are moving to more rapid development cycles and application security needs to keep pace. According to the Puppet State of DevOps Report (2016), the highest performing development teams are addressing security at every stage of the software development and delivery cycle rather than retrofitting security at the end – and they’re spending 50 percent less time remediating security issues as a result.
In alignment with the continuous development mindset, the new features within the Veracode Application Security Platform help developers reduce risk in their applications with improved time to results, accuracy and portfolio coverage:
- Accelerated Results provides developers with security findings as each application module finishes scanning. This new feature empowers developers to address security issues sooner in the software development lifecycle (SDLC) by providing results up to eight-times faster than previous methods.
- Custom Cleansers lets security architects and teams extend Veracode Static Analysis to recognize custom cleansing functions for common vulnerabilities including SQL injection, URL redirection, log forging, and header injection. This new feature allows developers to secure code faster with more accurate findings and actionable results.
- Veracode Static Analysis IDE Scan Auto-Scan is a hands-free feature that automatically scans a file the moment it is saved, eliminating the manual step for developers.
- Perl language support helps security teams ensure that more of their portfolio, particularly web applications built using legacy languages, is secure.
“Developers want to reduce risk in their applications while maintaining the speed of development that CI/CD environments and DevOps demand,” said Tim Jarrett, Senior Director of Enterprise Security Strategy, Veracode. “By allowing them to review results faster and removing noise from the results, with the added advantage of support for legacy code, the new features within Veracode’s Application Security Platform empowers businesses to secure more of their application portfolios with fully automated security testing.”
These features are available today in the Veracode Application Security Platform. For more information about Veracode Static Analysis, visit: http://vera.cd/2o2JAvj. For more information about Veracode Static Analysis IDE Scan, visit: http://vera.cd/2o2MGzz.