Market Overview

CORRECTING and REPLACING Veracode VAST Program Touted As One-Stop Shop for Enterprise App Security by 451 Research


Please replace the release dated October 25, 2012 with the following corrected version due to multiple revisions.

The corrected release reads:


VAST Program Positioned to "Spread Like Wildfire" According to Analyst Firm

Veracode, Inc., the leader in cloud-based application security testing, is pleased to be exclusively featured in a 451 Research report on third party software security. The independent report provides a snapshot of Veracode's third-party assurance testing business model, positioning the application security company as a leader in the industry thanks to its unique binary static analysis and dynamic testing without the need for source code. The full report is available for free download at or to 451 Research subscribers at

“The beauty of this strategy is that the program can unfold throughout the supply chain,” said Wendy Nather, research director, security at 451 Research, on the VAST Program “If Veracode reaches critical mass with this third-party-attestation service, it could slip in as an application security standard where currently there are only lists of vulnerabilities. Giving a list of what to do is a lot easier than giving a list of what not to do.”

Veracode launched the VAST Program in September, 2012 to help enterprises reduce the risks associated with vendor-supplied software, while strengthening vendor compliance with enterprise application security policies, taking both effort and cost away from the CISO.

“VAST was created to increase the security of buying software. We work with enterprises to define the level of security they should expect and then we work with their vendors to see that those expectations are met,” said Bob Brennan, CEO of Veracode. “Veracode prevents the most common form of attack. With VAST and our broad portfolio of services we are securing the software that our customers build and buy.”

Furthermore, join Wendy Nather and Chris Wysopal, CTO and Co-Founder of Veracode, as they discuss how the security landscape has altered giving enterprises the power to wield security integrity as a requirement for software purchasing for their webinar, “Power to the People: Building Your Third-Party Application Security Program.” Registration can be completed here:

For more information about VAST, visit Veracode's Web site:

About 451 Research

451 Research, a division of The 451 Group, is focused on the business of enterprise IT innovation. The company's analysts provide critical and timely insight into the competitive dynamics of innovation in emerging technology segments. Business value is delivered via daily concise and insightful published research, periodic deeper-dive reports, data tools, market-sizing research, analyst advisory, and conferences and events. Clients of the company – at vendor, investor, service-provider and end-user organizations – rely on 451 Research's insight to support both strategic and tactical decision-making. 451 Research is headquartered in New York, with offices in key locations, including San Francisco, Washington DC, London, Boston, Seattle, and Denver.

About Veracode

Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit, follow on Twitter: @Veracode or read the Veracode Blog.

Media Contact for Veracode:
Weber Shandwick
Ellen Moss, 617-520-7138

View Comments and Join the Discussion!