BURLINGTON, MA--(Marketwired - Nov 16, 2016) - Veracode, a leader in securing the world's software, today announced a new extension that integrates the Veracode Application Security Platform with Microsoft Visual Studio Team Services (VSTS). The extension will enable developers and engineering teams using VSTS to apply application security testing into their DevOps environments or other continuous deployment models.
Enabling Secure DevOps
The integration simplifies the delivery of secure applications by moving vulnerability assessments earlier in the development process. This will enable developers to create applications that meet market demand on schedule, without compromising on security. In addition, the solution offers fewer disruptions for developers through integrated testing within the development lifecycle -- thereby reducing friction between security and development teams.
Integrating Security into the Development Process
Veracode is the first application security provider to join the Microsoft VSTS Marketplace. Developers can now statically scan an application and receive results without additional manual effort. Teams can choose to use high accuracy of the Veracode scan to automatically stop the build or release pipeline if a vulnerability violates the company's policy. Teams can also create their own policy scans or Developer Sandbox scans with the VSTS extension, allowing them to choose the Veracode scanning workflow that best works for them.
"The focus of continuous deployment models like DevOps on automated, integrated testing presents an opportunity to build security into the development lifecycle, improving application security without impacting delivery times," said Tim Jarrett, senior director of security, Veracode. "This solution enables developers to code securely, meeting the needs of both developers and security teams by delivering secure applications on time."
Shawn Nandi, senior director, Microsoft Corp. said, "The Veracode extension for Visual Studio Team Services allows developers to test applications and resolve security flaws early in the development lifecycle. Now, teams can rely on VSTS to automatically raise an alarm if a critical issue is found. This reduced risk exposure paired with the ability to accelerate the delivery of secure applications will enable companies to realize the full potential of DevOps environment."
Development team leads or release engineers can install Veracode's VSTS integration extension into their VSTS instance from the Microsoft VSTS Marketplace, or download it for their local Microsoft Team Foundation Server. For more information, visit the Microsoft VSTS Marketplace: https://marketplace.visualstudio.com/items?itemName=Veracode.veracode-vsts-build-extension
Veracode is a leader in helping organizations secure the software that powers their world. Veracode's SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings help customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets- whether that's software they make, buy or sell.
Veracode serves over a thousand customers across a wide range of industries, including nearly one-third of the Fortune 100, three of the top four U.S. commercial banks and more than 20 of Forbes' 100 Most Valuable Brands. Learn more at www.veracode.com, on the Veracode blog and on Twitter.
Copyright © 2006-2016 Veracode, Inc. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.