Application Security
3/6/2017
04:58 PM
50%
50%

Veracode Snapped Up by CA Technologies in $614 Million Deal

CA acquisition of app security firm to close in the first quarter of fiscal year 2018.

CA Technologies today said it will acquire application security service firm Veracode for $614 million. 

Veracode, which celebrates its tenth anniversary this year, launched in 2007 with $19.5 million in venture capital funding and offering the industry’s first automated, on-demand security analysis services via a software-as-a-service (SaaS) platform.

The acquisition by CA is scheduled to close in the first quarter of fiscal year 2018, and is subject to regulatory approval. CA said Veracode will boost its position in the Secure DevOps market.

"Software is at the heart of every company’s digital transformation. Therefore, it’s increasingly important for them to integrate security at the start of their development processes, so they can respond to market opportunities in a secure manner," said Ayman Sayed, CA Technologies president and chief product officer. "This acquisition will unify CA’s Security and DevOps portfolios with a SaaS-based platform that seamlessly integrates security into the software development process. Looking holistically at our portfolio, now with Veracode and Automic, we have accelerated the growth profile of our broad set of solutions. We now expect that the size of our growing solutions within our Enterprise Solutions portfolio will eclipse the more mature part of the Enterprise Solutions portfolio in FY19."

Veracode was founded by famed security expert Chris Wysopal, and fellow former @stake executives Christien Rioux and Mike Pittenger. 

For more information on the acquisition, see CA's blog.

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.