Veracode enhanced its Continuous Software Security Platform in Europe. Companies can now secure their software across the entire software development lifecycle (SDLC) with the added capabilities of dynamic analysis and API scanning, complementing Veracode’s static analysis, software composition analysis and manual penetration testing tools.
The Veracode European Region, a cloud-based instance, allows customer data to stay resident in the EU to meet policy requirements for cloud computing.
Demand for a SaaS-based software security solution that supports data residency has never been greater. With a 20x increase in security scanning cadence over the past decade, organisations are now testing apps for flaws more thoroughly than ever. Many are shifting further left and combining static, dynamic, and software composition analysis to gain a comprehensive view of risk and compliance to policies.
Veracode’s EMEA Chief Technology Officer, John Smith, said, “The European market has a growing need to consolidate and automate application security, while meeting stringent data residency requirements. The options for achieving this at scale are limited and complex: on-premise solutions require a large, upfront investment and frequent upgrades, while other SaaS platforms are often a pared-down version of existing on-premise products. Veracode’s cloud-native platform helps customers keep costs down and increase efficiencies by integrating multiple software security tools into one easy-to-use solution that also monitors policy compliance.”
Based in Frankfurt, Germany, the Veracode European Region is a cloud-based instance that offers customers in EMEA a broad suite of solutions as part of its unified Continuous Software Security Platform, which bridges the gap between security and development teams. Dynamic analysis and API scanning are the latest capabilities to be made available in the market. The integrated platform is unique since it gives customers a “single pane of glass” view of security posture across their entire SDLC.
Seamlessly embedded into the environments where developers work, Veracode creates a frictionless experience for developers to code securely without compromising speed of delivery. This is paramount to help businesses keep pace with accelerating deployment times, as well as to provide a comprehensive view of risk, remediation guidance, peer benchmarking, and rich analytics throughout the development pipeline.
Powered by nearly two decades of aggregate data, the cloud-native platform continually finetunes itself to improve accuracy, yielding impressively low false-positive rates. It also streamlines workflows by running daily updates of the vulnerability database, so customers are immediately apprised of any potential threats.
A customer of Veracode, a European commerce body, said, “The privacy and protection of our customers is our highest priority, so we need to be confident in our software security programme. Veracode gives us this assurance with a fully SaaS platform that is resident in the EU. Initially, we needed an automated dynamic analysis product that could crawl our applications at scale but wanted to avoid the pain of amassing several disparate tools over time. With Veracode, we are safe in the knowledge that we can leverage multiple solutions in one place as we continue to shift security further left.”