Veracode Strengthens Cloud Security Portfolio with Longbow Security

By Greg Tavarez, TMCnet Editor  |  April 10, 2024

Almost three-fourths of organizations struggle with a hidden vulnerability known as "security debt," according to a Veracode report. This refers to weaknesses in software applications that haven't been addressed for at least a year. These lingering flaws create a larger attack surface for cybercriminals and put sensitive data and critical systems at risk.

Despite the urgency, security teams often lack clear visibility into all potential threats within their cloud environments and applications. This can make it difficult to prioritize which vulnerabilities to fix first. Additionally, security professionals are bombarded with a constant stream of alerts that leads to "alert fatigue." This information overload can make it challenging to distinguish critical issues from background noise.

New solutions are needed to improve visibility, streamline prioritization and empower security professionals to effectively manage their workload.

Enter Veracode.

Veracode is a provider of application risk management solutions. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Using powerful AI trained on a carefully curated, trusted dataset from experience analyzing trillions of lines of code, Veracode customers fix flaws faster with high accuracy.

In more recent news, the company announced its acquisition of Longbow Security, a company specializing in cloud-native security risk management. This acquisition strengthens Veracode's commitment to helping organizations manage and reduce application security risks in an increasingly complex threat landscape.

By integrating Longbow's technology, Veracode offers customers four key benefits: unified risk visibility, streamlined remediation, actionable insights and continuous monitoring.

With unified risk visibility, customers gain a comprehensive view of security risks across applications, code and cloud environments. This lets teams prioritize the most critical issues impacting the business.

Streamlined remediation allows customers to leverage Veracode's AI-powered remediation capabilities to prioritize and efficiently address vulnerabilities across the entire development lifecycle, from code to cloud deployment.

Actionable insights let customers receive "Best Next Action" recommendations to guide root cause analysis and identify the most effective remediation strategies.

Lastly, continuous monitoring allows customers to benefit from real-time vulnerability discovery across application portfolios and runtime environments.

“By joining forces with Veracode, our combined solutions provide unmatched visibility, automation and remediation capability for security and engineering teams,” said Derek Maki, co-founder and Chief Product Officer at Longbow. “We are excited to take cloud-native application security to the next level.”

The integration of Longbow into Veracode enables security teams to discover cloud and application assets quickly and easily assess their threat exposure using automated issue investigation and root cause analysis.

“Security teams are drowning in alerts that lack sufficient detail on the level of business risk, degree of exploitability of a flaw and specific code-level insight to keep pace with remediation requirements,” said Brian Roche, Chief Product Officer at Veracode. “With the combination of Veracode and Longbow, teams can get a comprehensive view of their risk, automate prioritization of what matters most, and, with Veracode Fix, automate remediation of code security flaws.”

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]