IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.
Contributed

Veracode Secures StateRAMP Authorization to Protect State and Local Cybersecurity

Cloud-based Platform Exposes Vulnerabilities to Help Improve Reliability of Public Sector Software

May 05, 2023 • 
Veracode
BURLINGTON, Mass. – May 1, 2023 – Veracode, a leading provider of intelligent software security solutions, today announced its attainment of State Risk and Authorization Management Program (StateRAMP).

StateRAMP offers state and local government agencies a standardized approach toward compliance to help them improve their overall security posture. Veracode obtained FedRAMP authorization in July 2022, and this week’s authorization by StateRAMP reaffirms the company’s commitment to deliver cloud-based application security software to agencies at all levels of government—federal, state, and local.

“High-profile attacks and vulnerabilities are significantly impacting the software supply chain across industries, and state and local government is no different,” said Claire Bailey, Regional Vice President of Governmental Affairs at Veracode. “Agencies need capabilities that allow them to protect the application layer. This authorization enables Veracode to support evolving state and local government security requirements. We look forward to assisting the StateRAMP mission of improving the cyber posture of public institutions and the citizens they serve.”

Veracode’s intelligent software security platform provides comprehensive application-layer protection to reduce risk in today’s dynamic threat environment. The platform supports a range of current and emerging cybersecurity requirements and best practices, including:

  • Securing the software supply chain through capabilities such as the generation of a Software Bills of Materials (SBOM), which provides visibility into the open-source code components that are contained in a software product
  • Integrating security into software development from the beginning of the process (‘shifting left’)
  • Providing a developer-friendly user experience to integrate security into the software development life cycle
  • Supporting cloud-native development and managing risk across the application portfolio
  • Uniting security and development teams to address cybersecurity challenges

The StateRAMP authorization enables Veracode to support state and local agencies’ cybersecurity initiatives at a time of increased risk. A shortage of skilled IT security professionals has depleted the security teams of many state agencies, and Chief Information Security Officers report risks arising from persistent malware, ransomware, and phishing attempts, according to a recent National Association of State Chief Information Officers (NASCIO) survey.

Veracode’s recent State of Software Security 2023 report revealed that, over the last 12 months, more than 74 percent of applications contained at least one security flaw. Due to variation in the types of flaws that compromise application security, security teams should use a variety of scan types to discover elusive flaws.

Bailey added, “Security teams should have confidence in the options available to secure their cyber infrastructure and make their digital landscape a safer place overall. StateRAMP makes this goal much more attainable for state and local agencies. Veracode’s platform provides a single view of an organization’s security posture and compliance via powerful reporting and analytics, restoring confidence in the digital infrastructure of agencies.”

State and local agencies can access Veracode’s comprehensive software security platform—including static analysis, software composition analysis (SCA), dynamic analysis, pipeline scanning, eLearning, container scanning, API scanning, and infrastructure as code (IaC) scanning—on the StateRAMP Marketplace.

About Veracode


Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities. Learn more at www.veracode.com, on the Veracode blog, on Linkedin, and on Twitter.

Copyright © 2022 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.

Press and Media Contacts


Veracode:
Katy Gwilliam,
Head of Global PR, Veracode
kgwilliam@veracode.com
+44.7584.341.110
Related Links
veracode.com

Veracode
Veracode delivers the application security solutions and services today’s software-driven world requires. Veracode’s unified platform assesses and improves application security from inception through production so agencies can confidently innovate with the web and mobile applications they build, buy and assemble including the components they integrate into their environments.
See More Stories by Veracode
GT_rev.svg
gov-footer-logo-2024.png
gt-insider-logo-rgb-trans-white-med.png
GT NAVIGATOR logo RGB_TRANS_White_med.png
EM_rev.svg
Center for Digital Government
Center for Digital Education