The new language support improves accuracy for JavaScript programmers, which translates to faster development cycles; adds support for the increasingly popular Python language; and also enables organizations using older languages such as RPG to gain the benefits of application security testing for some of their most mission-critical applications.
The two-trillion milestone highlights both the scope and impact of the Veracode platform. It also underscores the awareness among software developers across mobile, web and traditional enterprise applications of the importance of addressing security as a key element of high-quality software.
The updated language support enhances coverage for popular languages such as Python and Xamarin, and deepens coverage for JavaScript template engines such as Mustache.js, Swig.js, Handlebar.js and Hogan.js. Veracode also announced scanning support for RPG, a language used in older mission-critical applications in some of today’s largest corporations. RPG scanning leverages technology from Veracode partner Optimyth, and is made possible by the extensibility of the Veracode platform, which enables a broader ecosystem of companies such as Optimyth to integrate their tools seamlessly into the platform.
“Software development evolves quickly, but applications themselves often last for decades.” said Sam King, Chief Strategy Officer for Veracode. “It takes constant investment to support the wide variety of languages our customer use today, as well as the applications they may have written years ago. We continue to make those investments so our customers can develop software using the tools they want, with the security they need.”
The two-trillion line milestone showcases both the power of Veracode’s SaaS platform, and the increased importance customers, regulators and consumers of applications are placing on security as a core element of high-quality software. In 2015 alone, Veracode customers remediated over 5 million potential vulnerabilities in their software. “That’s five million potential attacks that cannot happen due to our tools and our customers’ commitment to creating secure software,” said King.
To put it in perspective, the amount of code scanned by the Veracode platform would be equivalent to scanning the code base of 8 million computer games, each the size of Minecraft.[1]
“Today over 47,000 developers use our platform actively to help create more secure software,” added King. “We continue to invest in the speed and accuracy of the platform to meet the requirements of Agile and DevOps processes, which may release code to production daily or even more often. In fact we’re seeing some applications scanned well over 500 times in the course of a year, which is a hallmark of the fast cycle times of DevOps.”