Veracode is a security startup offering cloud-based vulnerability testing services for applications. They are recognized by Gartner as a Magic Quadrant Leader in their respective niche, and have generated $29.4M in revenue 2012. Veracode has more than 500 customers, including 3 of the 4 Top Banks, and 25 of the Top 100 global enterprises. The Veracode platform enables customers to detect, and eliminate vulnerabilities within applications during the development phase, production phase, or on purchased 3rd party outsourced applications.
Veracode offers a number of services, and products that help secure web applications, mobile applications, and 3rd party applications. Some of the services they offer include application scanning, penetration testing, and advanced behavioral analysis using a variety of metrics to detect vulnerabilities listed on the OWASP Top 10 or SAN Top 25. In addition, they help customers meet compliance and regulatory requirements. The key differentiator is they assess the risk at the application layer, the layer where zero day and advance malware take residence, and operate from while launching attacks.
 Company Background
- Started: 2006
- Raised: $74.3M in Funding
- Linkedin Employee Count: 289
- 2012 Revenue: $29.4M (Inc Magazine)
- Executives: Chris Wysopal (Co-founder), Christien Rioux (Co-founder) and Bob Brennan (CEO)
- Product: Cloud-based service for identifying and fixing vulnerabilities in applications, developed internally, or on outsourced 3rd party applications
- Services: application scanning, penetration testing, and behavioral analysis for detecting and plugging vulnerabilities
- Customers: 500 customers and growing. Hundreds of the largest companies, 3 of the top 4 banks in the Fortune 100, and 25 of the world’s top 100 brands
Product Features
- Cloud-based platform reduces application-layer risk across the enterprise
- Cloud-based platform offers numerous analysis techniques: Binary Static Analysis, Dynamic Analysis, Web Application Discovery & Monitoring, Behavioral Analysis, and Manual Penetration Testing
- Virtual Scan Appliance (Product) is a pre-configured virtual appliance that probes web applications behind firewall
- Discovery Service: discovers all applications running within an enterprise and externally
- DynamicMP: Baseline application risk, identify OWASP Top 10 and SANS Top 25 vulnerabilities
- DynamicDS: scanning service of web applications
- Mobile security solution: helps secure mobile applications during the development phase
- Mobile Behavioral Analysis: offers analysis and detects violations of security policies on mobile apps that are purchased from 3rd parties Cool Startup: Veracode