Market Overview

Veracode VAST Program Touted As One-Stop Shop for Enterprise App Security by 451 Research


Veracode, Inc., the leader in cloud-based application security testing, today announced a new report by 451 Research that highlights the Veracode VAST Program as lowering the barriers to application security testing. The independent report provides a snapshot of Veracode's third-party assurance testing business model, positioning the application security company as a leader in the industry thanks to its unique static and binary analysis and dynamic testing without the need for source code. The full report is available for download at

“The beauty of this strategy is that the program can unfold throughout the supply chain,” said Wendy Nather, research director, security at 451 Research, on the VAST Program. “If Veracode reaches critical mass with this third-party-attestation service, it could slip in as an application security standard where currently there are only lists of vulnerabilities. Giving a list of what to do is a lot easier than giving a list of what not to do.”

“VAST was created to facilitate collaboration between the enterprise and software vendors to ensure security and compliance requirements are being met,” said Bob Brennan, CEO of Veracode. “With VAST and our broad portfolio of services, Veracode is well positioned to continue growing its leadership position within the application security marketplace.”

Veracode, which entered the application security market at a time when many enterprises were still placing their security focus on the network, operating system and endpoint, has evolved the industries' perception of application security by allowing customers to effectively manage application risk within the software supply chain.

The company launched the VAST Program in September 2012 to help enterprises reduce the risks associated with vendor-supplied software, while strengthening vendor compliance with enterprise application security policies, taking both effort and cost away from the CISO. For more information about VAST, visit Veracode's Web site:

Furthermore, join Wendy Nather and Chris Wysopal, CTO and Co-Founder of Veracode, as they discuss how the security landscape has altered giving enterprises the power to wield security integrity as a requirement for software purchasing for their webinar, “Power to the People: Building Your Third-Party Application Security Program.” Registration can be completed here:

About 451 Research

451 Research, a division of The 451 Group, is focused on the business of enterprise IT innovation. The company's analysts provide critical and timely insight into the competitive dynamics of innovation in emerging technology segments. Business value is delivered via daily concise and insightful published research, periodic deeper-dive reports, data tools, market-sizing research, analyst advisory, and conferences and events. Clients of the company – at vendor, investor, service-provider and end-user organizations – rely on 451 Research's insight to support both strategic and tactical decision-making. 451 Research is headquartered in New York, with offices in key locations, including San Francisco, Washington DC, London, Boston, Seattle, and Denver.

About Veracode

Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www. veracode. com, follow on Twitter: @Veracode or read the Veracode Blog.

Media Contact for Veracode:
Weber Shandwick
Ellen Moss, 617-520-7138
Media Contact for 451 Research:
Lynn Schwartz, 973-736-7118

View Comments and Join the Discussion!