Veracode, a leader in securing the world’s software recently acquired by CA Technologies, has been named a Leader in The Forrester Wave: Static Application Security Testing, Q4 2017 report by Forrester Research.
The report is based on the detailed evaluation of the 10 most significant vendors in static application security testing (SAST).

According to The Forrester Wave: Static Application Security Testing, Q4 2017, the analyst report stated that in addition to its application security platform, CA Veracode “offers the Greenlight IDE plug-in for early, on-the-fly SAST checking”.

The report also states that CA Veracode “shows very strong support for binary and byte code scanning as well as wide support of source code language”.

“CA Veracode’s mission is to help create a world where secure software is synonymous with great software, where the applications that matter are made to be secure from the start,” says Jaco Greyling, chief technology officer: DevOps solutions at CA Southern Africa. “As such, we believe Forrester’s recognition of us as a leader is a result of our dedication to ensuring that both security and development professionals have the best tools at their fingertips to deploy world-class and secure applications.”

To achieve this mission, CA Veracode has evolved its static application security testing family of products to meet the changing needs of development and security professionals. CA Veracode Greenlight provides security results in seconds so developers can secure their code as they write it, while the CA Veracode Static Analysis analyses the binary code of applications for unknown vulnerabilities in a scalable, repeatable format.

CA Veracode’s Developer Sandbox functionality enables engineers to test and fix code between releases without triggering a failed policy compliance report to the security team.

Vendors were evaluated across 29 criteria including their ability to offer a variety of SAST capabilities suitable for developers and security professionals. These capabilities include source code scanning with broad language support, incremental scans, quality gates and integrations with developer tools such as IDEs and build tools.

CA Veracode extends application security across the entire software lifecycle by empowering development teams with the tools to test early, giving security teams with the solutions they need to govern security issues, and enabling operations teams maintain applications’ security resulting in reduced application risk.