Veracode , a global leader in application risk management, announced platform innovations that set a new standard for developer-driven application security. New repo-risk visibility and analysis from Longbow Security, powered by Veracode, accelerates the approach to application risk from code repositories to runtime images. The solution was launched together with Veracode Fix in the IDE (Integrated Development Environment) and Batch Fix to bridge the gap between development and security teams. These latest innovations help developers focus on the most critical tasks that drive value and differentiation.
“ Today, developers face significant competitive pressure to innovate faster and apply more security controls to their code than ever before,” said Tim Jarrett, Group Head of Product Management at Veracode. “ We are committed to providing a seamless experience for developers and security operators, and our recent product enhancements make the task of securing code simple and effortless.”
Bringing development & security teams together: repo-risk visibility & analysis
In April, Veracode acquired Longbow Security to help organizations effectively manage and mitigate application risk across the growing attack surface. The integration of Longbow’s latest capabilities, repo-risk visibility and analytics, closes the gap between development and security teams with greater visibility from code repositories to cloud assets and runtime images. It also sheds light on infrastructure-as-code and the risk of misconfiguration for cloud assets that originate in repositories.
“ Customers challenged us to apply our unique Longbow expertise in cloud risk and prioritization to the challenges they face managing upstream risk in their code repositories,” said Derek Maki, Vice President of Product Management at Veracode. “ We responded with a solution that provides visibility into the relationship between source code weaknesses and runtime security posture. Simultaneously, development teams gain a consolidated view of risk and tremendous time savings when it comes to prioritizing remediation, reducing code changes, and resolving issues quickly.”
This new feature complements Veracode’s latest innovation for GitHub repo scanning, which allows developers to streamline activities such as staging servers and environments so they don’t have to scan them over and over again. This makes it easier for development and security teams to collaborate on secure coding and scanning, as Veracode results are delivered to GitHub where developers can act immediately.
SOURCE: Businesswire