Veracode’s Strong Performance Continues for First Half of 2008 Highlighted by Numerous Customer Additions and Industry Accolades

Application Security Leader’s Vision and Expertise Recognized and Sought by Industry Organizations and Customers

Burlington, Mass. – July 29, 2008 – Veracode Inc., the world’s leader for on-demand application security testing solutions, today announced that it has concluded the first half of 2008 with more than 600 percent growth in bookings, as compared to the first half of 2007. The significant growth experienced in the U.S. and Europe in 1H08 was further accentuated by the numerous industry awards Veracode secured and the major service enhancements the company introduced.

Veracode’s significant customer growth was highlighted by key wins across a variety of industry sectors, including financial services, government, software, technology, media, energy and business services. The company’s rapid success in the application security market comes as both enterprises and independent software vendors struggle to control risk associated with application vulnerabilities. By providing a cost-effective and easy-to-use on-demand service for application security testing without requiring access to source code, Veracode gives users clear, actionable insight into the security posture of applications developed in-house, outsourced to third-parties or purchased off-the-shelf.

“Veracode’s 2008 sales growth, customer acquisition, and market recognition in the first half of 2008 is a testament to the growing awareness that organizations need to minimize and control risk through application security testing,” said Matt Moynahan, CEO of Veracode. “Our daily mission continues to be to demonstrate to prospective customers and partners that Veracode is the easiest and most cost-effective path to ensuring their applications are secure and their security risk exposure is minimized. Given the dynamic nature of the threat environment, we continue to believe that delivering application security testing as a service is a fundamentally better way of securing applications while allowing enterprises to focus on their core business.”

Understanding the need to minimize customer risk, Veracode also introduced the first portfolio of subscription-based services that enable organizations to obtain a single view of security risks of applications developed offshore, or those inherent in commercial off-the-shelf software (COTS). The Veracode SecurityReview® service is based on patented, static binary testing technology and dynamic web scanning analysis. It is the industry’s first solution specifically designed to overcome the limitations of traditional tools and manual penetration tests that require significant security expertise and long and costly implementation cycles.

Other noteworthy achievements

• Awards: Veracode continued to garner a significant number of accolades from several industry organizations in Europe and the U.S., including winning SC Magazine Europe’s Best Vulnerability Assessment Solution category and the SC Innovation Award; the 2008 Reader’s Choice Award from Information Security Magazine and SearchSecurity.com; the Tomorrow’s Technology Award from Info Security Products Guide; the AlwaysOn Northeast 100 Top Private Company Award; the Information Security Project of the Year from The Banker Technology Awards 2008; the MITX Data Protection and Sector Impact award; and “Cool Vendor” designation from leading analyst firm, Gartner. Veracode executives also garnered individual honors, including Chris Wysopal’s inclusion in the InfoWorld’s Top 25 CTOs for 2008 and Matt Moynahan’s position as a finalist for the Ernst & Young’s Entrepreneur of the Year award.
• Partnerships: Continuing the expansion of its global partner network, Veracode signed partnerships with Patriot Technologies, the trusted source for the federal government’s information security solutions; and Tech Mahindra, a leading provider of IT and business solutions to the telecommunications industry in India.
• Appointments: The Company also strengthened its executive management team by adding Robert DeRodes, CIO of The Home Depot, to its Board of Directors. Additional appointments included Kimberly Baker to vice president of government markets and Seksom Suriyapa to senior vice president of business development.
• Thought Leadership: Veracode spoke at nine industry events in the first half of 2008. CEO Matt Moynahan addressed best practices for secure software procurement at Gartner’s IT Security Summit and discussed the state of software security at Infosecurity Europe 2008 and the BITS Security Forum. Other members of the executive team presented at SOURCE Boston, Contingency Planning and Management Conference, Patriot Technologies Client Conference, America’s Growth Capital Information Security Conference and the RSA Conference 2008.

About Veracode

Veracode is the world’s leader for on-demand application security testing solutions. Veracode SecurityReview is the industry’s first solution to use patented binary code analysis and dynamic web analysis to uniquely assess any application security threats, including vulnerabilities such as cross-site scripting (XSS), SQL injection, buffer overflows and malicious code. SecurityReview performs the only complete and independent security audit across any internally developed applications, third-party commercial off-the-shelf software and offshore code without exposing a company’s source code. Delivered as an on-demand service, Veracode delivers the simplest and most-cost effective way to implement security best practices, reduce operational cost and achieve regulatory requirements such as PCI compliance without requiring any hardware, software or training.

Veracode has established a position as the market visionary and leader with awards that include recognition as a Gartner “Cool Vendor” 2008, Info Security Product Guide’s “Tomorrow’s Technology Today Award 2008,” Information Security “Readers’ Choice Award 2008,” AlwaysOn Northeast’s “Top 100 Private Company 2008”, NetworkWorld “Top 10 Security Company to Watch 2007,” and Dark Reading’s “Top 10 Hot Security Startups 2007.”

Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas Venture and Polaris Venture Partners. For more information, visit www.veracode.com.

Contacts:
Beth O’Connell
Lois Paul & Partners
781.782.5715
Beth_OConnell@lpp.com