Skip to main content

Veracode Named a Leader in Application Security by Independent Research Firm

Evaluation cites “unified cloud-based security SAST and DAST platform” with “a customer-centric approach to integration into the greater development workflow.”


Evaluation cites “unified cloud-based security SAST and DAST platform” with “a customer-centric approach to integration into the greater development workflow.”

BURLINGTON, Mass. — December 24, 2014 —  Veracode, a leader in protecting modern enterprises from today’s pervasive web and mobile application threats, today announced that Forrester Research, Inc. has ranked Veracode as a Leader in application security based on a detailed evaluation of 12 vendors across 82 separate criteria.

According to the “Forrester Wave™: Application Security, Q4 2014,” Veracode received among the highest scores for product strategy and corporate strategy.  In particular, the analyst firm cited Veracode’s unified cloud-based SAST and DAST platform, high scalability for static binary assessments, and the “capability to simultaneously scan thousands of websites ... in real-time” with its web perimeter monitoring service.

Forrester states that “Application security remains a crucial component in keeping enterprise servers and data secure.”  According to Forrester’s detailed analysis, Veracode offers “accurate and timely results” with “strong results in both SAST and DAST segments” and differentiators including mobile behavioral analysis and third-party software assessment capabilities.  In addition, capabilities of the company’s security platform include developer workflow integration, central policy management and security analytics and benchmarking.

The application threat surface has dramatically expanded as organizations of all sizes and across every industry increasingly rely on software as a source of strategic differentiation and competitive advantage.  At the same time, traditional security strategies have primarily focused on hardening networks rather than the application layer.  As a result, web applications have become the #1 attack vector for cyberattackers, who frequently exploit application-layer vulnerabilities such as SQL injection to gain access to sensitive data such as employee and customer information and corporate intellectual property.  

“Global enterprises are looking to systematically reduce risk across web, mobile and third-party applications, and across all phases of the lifecycle – from development to production,” said Sam King, Veracode’s EVP of Strategy and Corporate Development.  “Veracode was designed from the ground up as an automated cloud-based service, delivering the speed and scale enterprises require to tackle application security on an enterprise-wide basis.  I believe that Veracode’s designation as a Leader by Forrester is a testament to the measurable results we continue to deliver for the world’s largest enterprises and the highly innovative work we do.”