CA Technologies has signed a definitive agreement to acquire Veracode for approximately $614 million in cash. The transaction is expected to close in the first quarter of fiscal year 2018, and is subject to customary closing conditions, including regulatory approvals.
The combination of CA’s portfolio with privately-held Veracode will establish CA Technologies as a leader in the Secure DevOps market through the automation and scaling of application security testing (AST) to develop and deploy applications faster with fewer defects.
With Veracode, CA Technologies bridges its security business with its broad DevOps portfolio and adds to its growing SaaS business. Veracode extends CA’s go-to-market strategy into midsize enterprise customers while CA accelerates Veracode‘s global reach into larger enterprise customers.
“This acquisition will unify CA’s Security and DevOps portfolios with a SaaS-based platform that seamlessly integrates security into the software development process. Looking holistically at our portfolio, now with Veracode and Automic, we have accelerated the growth profile of our broad set of solutions. We now expect that the size of our growing solutions within our Enterprise Solutions portfolio will eclipse the more mature part of the Enterprise Solutions portfolio in FY19,” said Ayman Sayed, President and Chief Product Officer, CA Technologies.
Named a leader in the Gartner Magic Quadrant for Application Security Testing, Veracode’s solution enables automated, on-demand application security testing starting at the earliest phases of the development lifecycle to improve testing speed, address security concerns in production, and eliminate risk. In addition to dynamic application testing, the SaaS-based application security testing software and solutions also perform static testing to detect potential vulnerabilities in custom code, third party applications and open-source components.
“CA’s Veracode acquisition is a good indicator that the DevOps adoption wave is continuing to build in enterprises. Much as we saw with cloud adoption trends, and virtualization before that, when traditional players start investing in tooling for the new world, they’re doing so because their large traditional customers are beginning to move in that direction. Today, that means pushing security earlier in the development cycle (as Veracode helps with) and using developer intent to automate runtime protection,” John Morello, CTO of Twistlock, told Help Net Security.