Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

9/12/2014
01:35 PM
50%
50%

Veracode Secures $40M In Funding As IPO Looms

Security firm plans to increase investments in sales, marketing, and research and development.

Security firm Veracode scored a $40 million boost in a late-stage funding round led by Wellington Management Co.

Founded in 2006, Veracode offers a cloud-based platform for application security. The money comes as the company prepares for an initial public offering that Veracode co-founder and CTO Chris Wysopal tells Dark Reading the company hopes will happen in the next 12 to 24 months.

"The funding will accelerate our ability to continue innovating (including via potential acquisitions) in key areas such as web application perimeter monitoring, mobile application security and reducing risk from third-party and open source components via our cloud-based service," Wysopal says in an email.

The investment comes at a time of acquisitions in the application security space. Earlier this year, application security rival Coverity was acquired by Synopsys, and Trustwave acquired Cenzic a few months ago as well. In 2012, Veracode acquired Marvin Mobile Security, a developer of a mobile app analysis service, to boost its own capabilities. 

The company has some very large competitors in the app security space, including Hewlett-Packard and IBM. Still, Veracode CFO Ed Goldfinger says in a statement that Veracode's subscription-based business model combined with its technology, service levels, and expertise in application security have enabled the company to succeed. According to the company, it secures hundreds of the world’s largest global enterprises, including three of the top four banks in the Fortune 100 and more than 25 of the world’s top 100 brands.

Veracode's core technology was developed at consulting firm @stake, which was acquired by Symantec in 2004. Two years later, the founders spun Veracode out of Symantec and went their own way. According to Veracode, the $40 million investment will also go towards aiding the company's expansion across the globe by increasing investments in sales and marketing. Last year, Veracode says it grew by 50 percent.

According to Fortune, this most recent round of funding brings the total amount the company has raised to $134 million.  

Bob Brennan, CEO of Veracode, said in a statement:

This investment accelerates our ability to help the world’s leading organizations systematically reduce cyber risk enterprise-wide. Our goal is to speed the pace of business innovation with a more scalable, next-generation approach that industrializes application security controls across our customers' web, mobile and third-party applications. This latest round of funding enables us to maintain our growth trajectory as we both gain new customers and expand our scope across our existing customers’ global application infrastructures.

Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
9/15/2014 | 3:49:00 PM
veracode
It's been really interesting watching the evolution of Veracode, alongside the evolution of secure app development. The imminent IPO is a good sign for SDL, IMHO.
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Kelly Sheridan, Staff Editor, Dark Reading,  8/22/2019
Capital One Breach: What Security Teams Can Do Now
Dr. Richard Gold, Head of Security Engineering at Digital Shadows,  8/23/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15540
PUBLISHED: 2019-08-25
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.
CVE-2019-15538
PUBLISHED: 2019-08-25
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a ...
CVE-2016-6154
PUBLISHED: 2019-08-23
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-5594
PUBLISHED: 2019-08-23
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-6695
PUBLISHED: 2019-08-23
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.