Appsec Market Leader Veracode Continues Strong Growth And Business Momentum

Year underscored by progress integrating security into developer workflows and recognition for innovation by leading research firms and customers

BURLINGTON, Mass. – February 4, 2021 – Veracode, the largest global provider of application security testing (AST) solutions, continues to accelerate its leadership position in the market, closing 2020 with 13 percent revenue growth YoY – nearly five percent greater than forecasted industry growth1. The company has propelled its performance above the “rule of 40”, a key success metric for SaaS businesses (growth rate plus profit margin), demonstrating solid execution of a best-in-class software company. Other milestones include the launch of new innovative solutions and additions to its executive team.

Acceleration of Cyberattacks is Increasing Awareness and Growth of Software Security

Cybersecurity breaches and incidents are becoming more prominent and dangerous. Companies are increasingly mindful of these threats and scanning more frequently. In 2020, Veracode scanned more than 11 trillion lines of code and helped fix more than 16 million flaws, reflecting a nearly 100 percent increase in lines of code scanned and a 10 percent increase in flaws fixed year over year. These statistics signal that Veracode customers are increasingly “shifting security left” in their software development lifecycle (SDLC).

Demand for scanning and detecting open source vulnerabilities accelerated in 2020, as customers increasingly adopted Veracode Software Composition Analysis (SCA). Veracode SCA bookings grew 25 percent YoY in 2020. According to the company’s State of Software Security Open Source report, more than 70 percent of applications have an open source vulnerability.

“In 2020, we continued to expand our efforts to help customers find and fix code vulnerabilities by investing in integrations with cloud platform providers and development tools, supporting DevOps automation initiatives, and launching new solutions for developer enablement,” said Sam King, CEO of Veracode. “We have also established a track record of business profitability while continuing to innovate and lead the market. No other software security vendor provides the depth and breadth of scanning with integrations and automation throughout the software development lifecycle, best-in-class low false positive rates, ability to scale, and remediation support within a single platform.”

Innovation in Action

In line with the company’s mission to help make code secure from the start, Veracode focused efforts on integrating security more tightly into developer workflows – resulting in the ability for customers to both find and fix flaws earlier in the SDLC. Notable 2020 achievements include:

  • Achieving AWS DevOps Competency Status, the release of GitHub Actions and integrations with GitLab and Atlassian/Jira.
  • Streamlining testing across the entire SDLC within a single solution, providing real-time feedback and remediation guidance to find and fix flaws with IDE, Pipeline, and Policy Scan.
  • Providing publicly available resources for developers including remediation guidance, Vulnerability database, and AppSec knowledgebase.
  • Adding support for 11 new static frameworks, vulnerable methods for JavaScript in SCA, and expanded container scanning to operating systems including Debian, Ubuntu and Alpine.
  • Setting the bar for modern developer enablement with Security Labs, introduced early last year, and subsequently releasing Security Labs Community Edition, a complimentary solution that allows developers to patch real applications in a lab-based environment.

Customer and Analyst Accolades

Extended Executive Leadership

In the second half of 2020, Veracode added two industry veterans to its esteemed leadership team: Mark Bissell was appointed Chief Customer Officer, and Brian Roche as Senior Vice President, Engineering and Cloud Operations.

Bissell leads Veracode’s post-sales strategy and customer operations, enabling customers to get the most value from their investment in Veracode. Bissell joined Veracode from Jibe, Inc. where he was COO and previously served in many roles at SuccessFactors. Roche leads the engineering team at Veracode and has more than 20 years in engineering leadership roles at companies such as EMC, Cognizant, and most recently at Medidata.