Veracode Sets New Benchmark for Application Risk Management: Securing Modern Development in the AI Era

BURLINGTON, MA, UNITED STATES, November 20, 2025 /EINPresswire.com/ -- Veracode, the global leader in application risk management, today reinforced its position as the pioneer in holistic software security from code to cloud. Globally recognized as leading the transition from Application Security to Application Risk Management (ARM), Veracode delivers measurable returns on security investment for thousands of organizations across industries including finance, healthcare, retail, and the public sector.

With AI Expanding the Attack Surface, Veracode Delivers “Always-on” Security

As AI adoption accelerates and open-source dependency soars, organizations face mounting threats that outpace traditional point-in-time controls. More than three quarters of organizations fell victim to cyberattacks over the past year. With the average time to fix security flaws now at 252 days, enterprises cannot afford to expose themselves to risk that has the potential to cripple their infrastructure.

"We are operating in the most dangerous time for software security," said Brian Roche, Veracode CEO. "Developers work faster than ever, which means vulnerabilities—if unchecked—can reach production at an unprecedented speed. Today, every line of code—whether written by developers, sourced from open-source libraries, or generated by AI—represents a potential risk that requires continuous defense."

Veracode’s State of Software Security 2025 report reveals half of organizations harbor critical security debt—vulnerabilities left unfixed for longer than a year. The company’s latest research found AI introduces security vulnerabilities 45 percent of the time. Supply chain attacks have surged more than 1,300 percent in the past three years, frequently originating from malicious or compromised open-source packages.

As developers leverage generative AI to code faster, the risk to businesses accelerates. Veracode addresses this challenge with automation that ensures detected vulnerabilities are fixed in real time, coupled with continuous analysis to detect and block flaws before they even enter the codebase.

Comprehensive Supply Chain Security is Critical

Over nearly two decades, Veracode has continuously evolved its platform to meet the demands of modern software development. Today, the company delivers a fully integrated solution that empowers global enterprises to manage risk continuously throughout the entire software lifecycle—from code creation through cloud deployment.

Veracode’s ARM platform embeds continuous security and risk insight into development workflows. With centralized risk visibility, security leaders get a unified, real-time dashboard of all application assets and associated risks. Veracode’s supply chain security capabilities proactively block attempts to import vulnerable or malicious third-party code, protecting organizations before threats enter the lifecycle. AI-driven analytics enable prioritized remediation and enforcement of standards, ensuring security keeps pace with the speed of innovation.

Client outcomes underscore these benefits. Tecnimont Services, the digital services subsidiary of the MAIRE group, a global leader in technology and engineering solutions, partnered with Veracode to reinforce security in its Cyber Fusion Center and expand its cybersecurity service offering to code unification governance. By implementing Veracode's comprehensive ARM platform, Tecnimont Services enhanced vulnerability management, improved operational security, and increased efficiency in managing complex multi-cloud environments.

Francesco Pisani, Head of Cloud Center of Excellence at Tecnimont Services, said, "Veracode offered us the ideal platform to manage our diverse application environment. Specifically, Veracode Fix proved to be a real enabler in the management of complex multi-cloud environments, supporting us to reach higher levels of efficiency and effectiveness, bringing significant value to us and our clients.”

Securing the Future: Continuous and Integrated Application Risk Management

“As the threat landscape evolves, organizations need security partners who can adapt just as rapidly,” said Sarah Law, Senior Vice President of Business Operations at Veracode. “Our platform provides customers an expansive, real-time view of their risk, including assets and dependencies. We empower them to secure their future not only by identifying risks throughout the development cycle, but by enabling their teams to respond with confidence and speed.”

Looking ahead, Veracode’s proactive, intelligence-driven approach positions customers to capitalize on the transformative opportunities presented by AI and open-source innovation, while simultaneously mitigating risk before it can impact business outcomes. Veracode continues to invest in advanced risk modeling, automated remediation, and continuous supply chain assurance, equipping clients to anticipate, prevent, and resolve threats—no matter how quickly their software evolves.

"Our comprehensive application risk management platform addresses modern security challenges," Roche emphasized. "By delivering end-to-end visibility paired with intelligent automation, we provide assurance that an organization's software remains secure. Developers can leverage AI and innovate rapidly, knowing Veracode is keeping them safe—we've built the guardrails that keep security and development velocity perfectly aligned."

A new documentary spotlighting Veracode's mission to protect the world's software is now available to watch, offering an inside look at how the application risk management pioneer is helping organizations defend against an unprecedented wave of cyber threats.

Watch the campaign live here.


About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale.

Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, Malicious Package Detection, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog (https://www.veracode.com/blog), and on LinkedIn (https://www.linkedin.com/company/veracode/)  and X (https://x.com/Veracode).

Copyright © 2025 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.

Claudia Gahan
Acumen Media
+44 20 3553 3664
email us here

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.