KuppingerCole Names Veracode an Overall Leader for Software Supply Chain Security

BURLINGTON, Mass. — Veracode, a leading provider of intelligent software security solutions, today announced it has been named an Overall Leader in the inaugural Software Supply Chain Security (SSCS) Leadership Compass 2023 by KuppingerCole Analysts AG. The report assesses vendors based on innovativeness, market position, financial position, and tech ecosystem. Veracode is also positioned as a Product Leader for functional strength and completeness of service, and an Innovation Leader for its customer-oriented upgrade approach in delivering cutting-edge features. Richard Hill, Director of IAM Research and Lead Analyst at KuppingerCole, who authored the report, said, “Veracode’s customer base comprises SMB to enterprise-level organizations located primarily in North America, with good growth in the EMEA, APAC, and Latin America. It also supports a good partner ecosystem commensurate to those customer regions. Veracode is a leader in all KuppingerCole Leadership Compass categories and provides depth in source, API security, and vulnerability detection SSCS capabilities while providing visibility of key SSCS indicators. Veracode should be considered when evaluating SSCS solutions.” Making Software Supply Chain Security a Top Priority The software supply chain has hit headlines several times in recent years, most notably with the attack on SolarWinds in late 2020. These types of attacks led the U.S. government to issue an Executive Order on Improving the Nation’s Cybersecurity in May 2021, which called for the modernization of software security practices, such as mandating a Software Bill of Materials (SBOM) for products. The Leadership Compass is the industry’s most detailed and in-depth analysis of the emerging end-to-end software supply chain security market. It assesses a vendor’s ability to secure the entire software development life cycle (SDLC) process throughout the entire CI/CD (Continuous Integration/Continuous Delivery) pipeline. The study evaluates market segment, vendor service functionality, relative market share, and innovative approaches to providing SSCS solutions for specific organizational needs. Continuous Software Security Throughout the SDLC Veracode’s integrated platform bridges the needs of security and development teams by seamlessly embedding application security into the SDLC. Powered by nearly two decades of proprietary data, the platform provides a comprehensive view of risk, remediation guidance, and progress at every stage of the development process. In the SSCS Leadership Compass, Veracode’s platform was hailed for strengths in API security features, visibility and reporting, vulnerability & secrets detection, and offering multiple SBOM formats. The company was also evaluated for its good customer growth and global partner ecosystem. Eric Swenson, Vice President of Product Marketing at Veracode, said, “Increased reliance on third-party and open-source code, combined with emerging regulations to drive standardization and governance, has made supply chain security a top priority for organizations. Until recently, they haven’t had all the necessary data to make an informed decision on how best to mitigate risk in their supply chains. The KuppingerCole SSCS Leadership Compass is the best definition of this emerging market to date. We are proud to position as a leader in every category, and achieve a Strong Positive for every product capability analyzed.”