“Veracode Has Invested in the Developer Experience,” According to Analyst Report
BURLINGTON, Mass. – Jan. 11, 2021 – Veracode, Inc., the largest independent global provider of application security testing (AST), today announced it has been named a Leader in The Forrester Wave™: Static Application Security Testing, Q1 2021. The report states, “Prioritization is a strength, with Veracode’s graphical representation of code flaws according to risk and ease of fix unmatched in the market.” The Forrester report noted, “For firms looking for an enterprise-grade SAST tool, Veracode remains a top choice.”
Veracode was among the select companies that Forrester invited to participate in The Forrester Wave™: Static Application Security Testing, Q1 2021. In this evaluation, Veracode received the highest scores possible in the remediation guidance and education, product vision, execution roadmap, market approach, and planned enhancements criteria.
“We believe our commitment to empowering software developers to write secure code from the start, without sacrificing speed or innovation, while enabling security teams to manage risk and meet compliance mandates is why Veracode continues to be a market leader,” said Sam King, CEO of Veracode. “We’re thrilled that Forrester Research has recognized us in its Static Application Security Testing Wave and believe this report is a validation of our continued vision, innovation, execution, and focus on customer success.”
Veracode SAST is a SaaS solution that empowers customers to both find and fix flaws. It delivers a false positive rate of less than 1.1 percent without manual tuning, which allows developers to focus on fixing real security defects and write code with minimal distraction.
In 2020, Veracode scanned nearly 11 trillion lines of code and helped customers fix more than 16.4 million flaws. Three types of Veracode SAST scans guide developers through different stages of the software development lifecycle (SDLC):
- IDE Scan in the pre-commit stage to help developers find and fix defects in seconds in their preferred development environment. In addition to finding vulnerabilities, it also helps to accelerate remediation and educate developers through positive reinforcement, remediation guidance, and code samples.
- Pipeline Scan in the build stage of development to provide fast, accurate feedback in a median scan time of 90 seconds, so that teams can test every time they commit code in their CI/CD system. This scan is conducted within a development pipeline via an API, with checks against a company’s security policy and results directly integrated into the pipeline.
- Policy Scan to test the full application against policy and summarize its security posture in a single report in a matter of minutes. Development teams can also preview compliance in a sandbox environment before communicating results to security and governance teams. This centralized reporting gives security teams broad visibility across their application landscape.
To download a complimentary copy of The Forrester Wave™: Static Application Security Testing, Q1 2021 report, click here.
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Using powerful AI trained on a carefully curated, trusted dataset from experience analyzing trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.
Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.