Veracode Inc.
Veracode Inc. is a company.
Key people at Veracode Inc..
Veracode Inc. is a Burlington, Massachusetts-based application security company founded in 2006 that provides a SaaS platform for comprehensive application security testing.[2] It offers tools including static analysis (white-box testing), dynamic analysis (black-box testing), and software composition analysis, integrated into development pipelines to scan code, identify flaws, and enable secure software development.[2][1] Serving over 2,500 customers worldwide, Veracode has scanned more than 315 trillion lines of code and helped fix over 113 million software flaws, with 97% customer recommendation rates and around 700 global employees.[1][2]
The company empowers organizations to build, buy, and run secure software from the start, addressing vulnerabilities in the software supply chain through developer-friendly tools and governance.[1][3] Its growth includes key acquisitions like Phylum Inc. in January 2025 for enhanced open-source security and Longbow Security in 2024, alongside a $2.5 billion acquisition by TA Associates in March 2022, demonstrating strong momentum in the booming AppSec market.[2]
Veracode was founded in 2006 by Chris Wysopal and Christien Rioux, both former engineers at @stake, a security consulting firm linked to L0pht Heavy Industries' white-hat hackers.[2] Rioux authored much of the core software, drawing from their expertise in vulnerability assessment to create an automated alternative to manual penetration testing.[2] In 2007, they launched SecurityReview, their initial SaaS service for scanning code to detect cybersecurity risks without needing external consultants.[2]
Pivotal moments include leadership shifts—Robert T. Brennan as CEO in 2011, Sam King post-Thoma Bravo acquisition, and Brian Roche in April 2024 after the Longbow deal—and major scale-ups like scanning 11 trillion lines of code in 2020 while fixing 16 million flaws.[2] The 2022 TA Associates buyout at $2.5 billion and 2025 Phylum acquisition marked its evolution into a full-spectrum AppSec leader.[2]
Veracode stands out in application security through these key strengths:
Veracode rides the shift-left security trend in DevSecOps, where vulnerabilities must be caught early amid rising software supply chain attacks and regulatory pressures like GDPR and U.S. executive orders on cybersecurity.[2] Its timing aligns with explosive code volume growth—scanning trillions of lines yearly—as enterprises adopt cloud-native apps, open-source dependencies, and AI-driven development, amplifying breach risks.[1][2]
Market forces favoring Veracode include a projected $10B+ AppSec market by 2025, driven by 2,500+ customers relying on its SaaS scalability over fragmented tools.[1][2] It influences the ecosystem by standardizing secure-by-design practices, fostering industry collaboration, and delivering reports that shape awareness (e.g., persistent flaw data), helping enterprises prioritize missions confidently.[1][3]
Veracode is poised for accelerated growth as AI-generated code and expanding open-source use intensify supply chain threats, with its Phylum integration positioning it to lead in automated, AI-enhanced vulnerability blocking.[2] Expect deeper platform AI features, more acquisitions, and expansion into emerging regulations like EU AI Act security mandates, potentially doubling scan volumes amid hybrid cloud booms.
Its influence will evolve from scanner to ecosystem orchestrator, enabling "secure from the start" at enterprise scale—reinforcing its role as the AppSec backbone for software powering global business.[1]