Custom Cleansers, Accelerated Results, Greenlight Auto-Scan and Perl language Enable DevSecOps
Veracode, a leader in securing the world’s software and recently acquired by CA Technologies (NASDAQ: CA),announced four new features in its industry-leading Veracode Application Security Platform: Accelerated Results, Custom Cleansers, Greenlight Auto-Scan and Perl language support. With these new features, Veracode is further enabling developers to work faster and more securely across more applications.
To keep up with the growing demand for applications, the nature of software development is changing. Developers are moving to more rapid development cycles and application security needs to keep pace. According to the Puppet State of DevOps Report, the highest performing development teams are addressing security at every stage of the software development and delivery cycle rather than retrofitting security at the end – and they’re spending 50 percent less time remediating security issues as a result.
In alignment with the continuous development mindset, the new features within the Veracode Application Security Platform help developers reduce risk in their applications with improved time to results, accuracy and portfolio coverage:
Accelerated Results provides developers with security findings as each application module finishes scanning. This new feature empowers developers to address security issues sooner in the software development lifecycle (SDLC) by providing results up to eight-times faster than previous methods.
Custom Cleansers lets security architects and teams extend Veracode Static Analysis to recognize custom cleansing functions for common vulnerabilities including SQL injection, URL redirection, log forging, and header injection. This new feature allows developers to secure code faster with more accurate findings and actionable results.
Veracode Greenlight Auto-Scan is a hands-free feature that automatically scans a file the moment it is saved, eliminating the manual step for developers.
Perl language support helps security teams ensure that more of their portfolio, particularly web applications built using legacy languages, is secure.
“Developers want to reduce risk in their applications while maintaining the speed of development that CI/CD environments and DevOps demand,” said Tim Jarrett, Senior Director of Enterprise Security Strategy, Veracode. “By allowing them to review results faster and removing noise from the results, with the added advantage of support for legacy code, the new features within Veracode’s Application Security Platform empowers businesses to secure more of their application portfolios with fully automated security testing.”