# Veracode, Inc.
*Also known as Veracode*

- Website: https://www.veracode.com
- Location: Burlington, MA, United States
- Agent profile: https://directory.haycion.ai/agents/veracode-com

> Veracode provides end-to-end application security solutions to help organizations secure software across the development lifecycle.

Veracode provides end-to-end application security solutions to help organizations secure software across the development lifecycle. Serving enterprises and developers across industries, the company offers a scalable platform and services to identify, prioritize, and remediate security risks in software, reduce vulnerabilities, and accelerate secure software delivery.

**Mission:** To help organizations reduce software security risk by delivering scalable, end-to-end application security across the software lifecycle.

## Products & Services

### [Veracode Platform](https://www.veracode.com/platform/)
*Platform*
Provides comprehensive application security and rapid remediation for secure software delivery.

- **AI Code Remediation** — Automates Flaw Fixing
- **Code Flaw Detection** — Detect Flaws While Coding
- **Open-source Vulnerability Protection** — Identify Open-source Risks
- **Risk Manager (ASPM)** — Centralizes Risk Management
- **Runtime Vulnerability Detection** — Detects Real-time Threats
- **Unified Risk Management** — Streamlines Security Processes
- **Container Security** — Protect Container Technologies
- **Hands-on Security Labs** — Build Security Skills
- **Package Firewall** — Detects Malicious Packages
- **Secure Coding Training** — Builds Developer Awareness

### [Dynamic Analysis (DAST)](https://www.veracode.com/products/dynamic-analysis-dast/)
*Product*
Identify and mitigate runtime vulnerabilities efficiently.

- **Runtime vulnerability detection** — Detect Runtime Vulnerabilities
- **Real-time scanning** — Perform Scans Anytime
- **AI-driven analysis** — Enhance Detection Accuracy
- **Integration with CI/CD** — Automate Security Checks

### [Software Composition Analysis (SCA)](https://www.veracode.com/products/software-composition-analysis/)
*Product*
Mitigate open-source risks and secure your applications effectively.

- **Open-source Vulnerability Detection** — Identify Open-source Risks
- **Compliance Assurance** — Maintain Compliance
- **Automated Remediation Guidance** — Receive Actionable Insights

### [Penetration Testing as a Service (PTaaS)](https://www.veracode.com/products/penetration-testing/)
*Service*
Identify and mitigate security gaps with expert penetration testing services.

- **Regularly Scheduled Testing** — Ensures Continuous Security
- **Expert Testers** — Access Professional Expertise
- **Compliance-Focused Testing** — Meets Compliance Standards
- **Actionable Reporting** — Informs Remediation Strategy

### [AI-Generated Code Defense](https://www.veracode.com/ai-solutions/)
*Solution*
Proactively defends against security risks in AI-generated code.

- **AI Code Vulnerability Detection** — Detects AI Code Vulnerabilities
- **Proactive Risk Management** — Mitigates AI-Generated Code Risks
- **Simplified Remediation** — Streamlines Vulnerability Fixing

### [Protect the Software Supply Chain](https://www.veracode.com/secure-the-software-supply-chain/)
*Solution*
Guard Against Cyberattacks Targeting Software Supply Chains.

- **Supply Chain Protection** — Safeguards Your Software Pipeline
- **Risk Detection** — Detect Vulnerabilities Early
- **Automated Governance** — Streamline Compliance
- **Response Mechanism** — Mitigate Risks Quickly

### [Risk Remediation](https://www.veracode.com/risk-manager/)
*Solution*
Effectively mitigate application risks and enhance security posture.

- **Risk Remediation** — Mitigate Security Risks
- **Unified Risk Management** — Achieve Unified Visibility
- **AI-Powered Insights** — Enhance Decision-Making

### [Secure Entire SDLC](https://www.veracode.com/integrate-security-into-the-sdlc-1/)
*Solution*
Integrates security seamlessly throughout the entire software development lifecycle.

- **SDLC Security Integration** — Enhances Security Across All Stages
- **Automated Vulnerability Remediation** — Reduces Time to Fix Issues
- **Unified Risk Management** — Streamlines Risk Assessment
- **Security Training Integration** — Cultivates Secure Coding Skills

## Market Segments

- **Static Application Security Testing (SAST)**: Static analysis that detects code-level vulnerabilities during development and provides remediation guidance, including detection for AI-generated code.
- **Dynamic Application Security Testing (DAST)**: Runtime analysis of running web and API applications to identify environment- and runtime-specific vulnerabilities, with CI/CD integration and real-time scanning.
- **Open-source Risk Management**: Discovery, vulnerability and license risk assessment, and automated remediation guidance for third-party and open-source components across the build and dependency supply chain.
- **Penetration Testing as a Service**: Expert-led, regularly scheduled or on-demand penetration testing with actionable reporting and compliance-focused testing to validate controls and prioritize remediation.
- **DevSecOps Integration**: Security capabilities embedded into CI/CD and the SDLC — automated scanning, governance, security training, and remediation workflows to shift security left and accelerate secure delivery.
- **Application Security Platform**: Unified application security management offering centralized visibility, AI-driven risk prioritization (ASPM), remediation orchestration, and developer enablement across testing modalities.
