Veracode, a global leader in application risk management, has announced the launch of new capabilities designed to help organizations strengthen their security posture against today’s evolving threat landscape. The latest updates feature advanced AI-powered enhancements to its Dynamic Application Security Testing (DAST) product and the introduction of External Attack Surface Management (EASM). These innovations work in tandem to give security teams a unified view of risk, enabling smarter, faster, and safer decision-making.
“Security teams need to see and secure everything; not only what is inside their perimeter,” said Derek Maki, Head of Product at Veracode. “With our latest DAST capabilities and Application Risk Management platform enhancements, we’re helping organizations shift from vulnerability scanning to holistic risk management, to better identify risk residing in unidentified external assets.”
Addressing the Expanding Attack Surface
As development cycles accelerate and cloud adoption continues to rise, organizations face mounting challenges in managing an increasingly complex and expansive attack surface. The 2024 Verizon Data Breach Investigations Report highlights that web applications are the most common entry point for cyberattacks, accounting for nearly half of all incidents. Compounding the issue, Veracode’s own security research reveals that the average time to remediate vulnerabilities has increased by 47% over the past five years.
Veracode’s new offerings directly confront these challenges by delivering seamless security integration, intelligent risk prioritization, and real-time scanning. These tools help organizations safeguard modern applications without sacrificing speed or agility.
Also Read: ESET unveils integration with Wazuh
External Attack Surface Management: Automated, Continuous Protection
Veracode’s EASM capability empowers security teams with continuous visibility into their external digital footprint. By automating the discovery of internet-facing assets such as APIs, web apps, mobile platforms, and cloud-based services, EASM identifies high-risk blind spots and ensures proactive risk management. Key benefits include:
-
Complete Visibility: Continuous monitoring of all external-facing assets to eliminate hidden vulnerabilities.
-
Risk-Based Prioritization: Helps focus resources on the most critical threats, reducing potential attack vectors.
-
Seamless Integration: Planned integration with Veracode Risk Manager (VRM) will unify risk insights from SAST, SCA, and DAST tools, offering centralized risk oversight.
“In today’s threat landscape, organizations must contend with an unprecedented number of potential entry points,” Maki explained. “Veracode EASM provides security teams with the attacker’s perspective and delivers the capability to continuously identify, analyze, and mitigate risks before exploitation can occur.”
Advancing DAST with Enterprise-Grade Capabilities
The new Enterprise Mode for Veracode DAST Essentials marks a leap forward in dynamic application security testing. Designed for scalability and precision, the updated DAST solution supports complex application environments with a robust set of features:
-
Advanced Crawling and Auditing: Deep, flexible scanning for comprehensive security assessments.
-
AI-Powered Auto-Login: Minimizes authentication hurdles and simplifies deployment across enterprise environments.
-
Internal Scan Management (ISM): Enables secure scanning within internal networks and behind corporate firewalls.
-
User-Friendly Interface: Streamlined configuration and faster setup to accelerate time to value.
-
Real-Time Reporting: Provides instant visibility into vulnerabilities and a consolidated view of risk across all projects.
“DAST Enterprise Mode empowers security teams to work faster, smarter, and safer,” noted Maki. “With real-time analysis in a unified platform, it eliminates the challenge of fragmented tools and enables mature, resilient risk management with centralized visibility and control.”