Veracode’s Cloud-Based Platform Recognized for Excellence in Mobile Testing, Quality Assurance and Security by SD Times

BURLINGTON, MA – June 18, 2014 – Veracode, the application security company, today announced that Veracode’s cloud-based platform for application security has been named to the SD Times 100 list in the “Mobile Testing, Quality Assurance and Security” category. Each year, SDTimes 100 recognizes top businesses for their innovation and leadership that sets them apart from the competition in the software development industry. 

The rapid pace of technology innovation means companies need to find ways to increase the cadence of software development. To accomplish this, many development teams are standardizing on agile development processes. However, increased development speed can come at the cost of security.  According to a study by Ponemon Institute[1], 79% of developers say they either have no process or an inefficient ad-hoc process for building security into applications.

Veracode’s cloud-based platform integrates tightly with agile development tool chains and provides actionable guidance to help developers quickly prioritize and remediate vulnerabilities. For optimum accuracy and coverage, the Veracode solution combines multiple assessment techniques in a single central platform with consistent policies, metrics and reporting. These techniques include automated static analysis, dynamic analysis, software composition analysis (SCA) and behavioral analysis for mobile apps, plus manual penetration testing. The single platform also allows development teams to implement a programmatic, policy-based approach that systematically reduces global application-layer risk – across web, mobile and third-party applications. In addition, Veracode offers broad support for the most widely-used languages and frameworks.

“We are pleased to receive this recognition as it validates our simpler and more scalable approach to application security,” Pete Chestna, director of Engineering, Veracode. “With our cloud-based platform, development teams are able to seamlessly integrate security into the agile software development lifecycle so they can rapidly develop web and mobile applications without sacrificing security.” 

[1] “2012 Application Security Gap Study: A Survey of IT Security & Developers,” Ponemon Institute, March 2012