Appsec Market Leader Veracode Continues Strong Growth And Business Momentum
Year underscored by progress integrating security into developer workflows and recognition for innovation by leading research firms and customers
BURLINGTON, Mass. – February 4, 2021 – Veracode, the largest global provider of application security testing (AST) solutions, continues to accelerate its leadership position in the market, closing 2020 with 13 percent revenue growth YoY – nearly five percent greater than forecasted industry growth1. The company has propelled its performance above the “rule of 40”, a key success metric for SaaS businesses (growth rate plus profit margin), demonstrating solid execution of a best-in-class software company. Other milestones include the launch of new innovative solutions and additions to its executive team.
Acceleration of Cyberattacks is Increasing Awareness and Growth of Software Security
Cybersecurity breaches and incidents are becoming more prominent and dangerous. Companies are increasingly mindful of these threats and scanning more frequently. In 2020, Veracode scanned more than 11 trillion lines of code and helped fix more than 16 million flaws, reflecting a nearly 100 percent increase in lines of code scanned and a 10 percent increase in flaws fixed year over year. These statistics signal that Veracode customers are increasingly “shifting security left” in their software development lifecycle (SDLC).
Demand for scanning and detecting open source vulnerabilities accelerated in 2020, as customers increasingly adopted Veracode Software Composition Analysis (SCA). Veracode SCA bookings grew 25 percent YoY in 2020. According to the company’s State of Software Security Open Source report, more than 70 percent of applications have an open source vulnerability.
“In 2020, we continued to expand our efforts to help customers find and fix code vulnerabilities by investing in integrations with cloud platform providers and development tools, supporting DevOps automation initiatives, and launching new solutions for developer enablement,” said Sam King, CEO of Veracode. “We have also established a track record of business profitability while continuing to innovate and lead the market. No other software security vendor provides the depth and breadth of scanning with integrations and automation throughout the software development lifecycle, best-in-class low false positive rates, ability to scale, and remediation support within a single platform.”
Innovation in Action
In line with the company’s mission to help make code secure from the start, Veracode focused efforts on integrating security more tightly into developer workflows – resulting in the ability for customers to both find and fix flaws earlier in the SDLC. Notable 2020 achievements include:
- Achieving AWS DevOps Competency Status, the release of GitHub Actions and integrations with GitLab and Atlassian/Jira.
- Streamlining testing across the entire SDLC within a single solution, providing real-time feedback and remediation guidance to find and fix flaws with IDE, Pipeline, and Policy Scan.
- Providing publicly available resources for developers including remediation guidance, Vulnerability database, and AppSec knowledgebase.
- Adding support for 11 new static frameworks, vulnerable methods for JavaScript in SCA, and expanded container scanning to operating systems including Debian, Ubuntu and Alpine.
- Setting the bar for modern developer enablement with Security Labs, introduced early last year, and subsequently releasing Security Labs Community Edition, a complimentary solution that allows developers to patch real applications in a lab-based environment.
Customer and Analyst Accolades
- Veracode was named a Leader in the Forrester Research Static Application Security Testing (SAST) WAVE Q1 2021, citing “Veracode has invested in the Developer Experience” and “Prioritization is a strength, with Veracode’s graphical representation of code flaws according to risk and ease of fix unmatched in the market.”
- TrustRadius selected Veracode as a first-place winner in its 2021 Best AppSec Feature Set and Best AppSec Customer support categories. TrustRadius reviews include many insightful customer testimonials from Veracode customers.
- Gartner Peer Insights named Veracode a 2020 Customers’ Choice for Application Security Testing, following the company being named a leader for the 7th consecutive year in the Gartner Magic Quadrant for Application Security Testing.
- Veracode was named a 2020 Cybersecurity Excellence Gold Winner in the software category by Cybersecurity Insiders.
- Cybercrime Magazine named Veracode one of the 10 Hot Application Security Companies to Watch in 2021.
- In October, Veracode and CEO Sam King were honored by The Commonwealth Institute and The Boston Globe as one of the Top 100 Women Led Businesses in Massachusetts in 2020, ranking number one among all software companies.
Extended Executive Leadership
In the second half of 2020, Veracode added two industry veterans to its esteemed leadership team: Mark Bissell was appointed Chief Customer Officer, and Brian Roche as Senior Vice President, Engineering and Cloud Operations.
Bissell leads Veracode’s post-sales strategy and customer operations, enabling customers to get the most value from their investment in Veracode. Bissell joined Veracode from Jibe, Inc. where he was COO and previously served in many roles at SuccessFactors. Roche leads the engineering team at Veracode and has more than 20 years in engineering leadership roles at companies such as EMC, Cognizant, and most recently at Medidata.