Getting developers to address security issues during the development of their applications as opposed to after they have been deployed is a cherished goal of most IT organizations. Fixing a security issue after an application is deployed is obviously several orders of magnitude more expensive. To help drive awareness of security into the application development […]
Getting developers to address security issues during the development of their applications as opposed to after they have been deployed is a cherished goal of most IT organizations. Fixing a security issue after an application is deployed is obviously several orders of magnitude more expensive.
To help drive awareness of security into the application development process, CA Technologies has plunked down $614 million to acquire Veracode, a provider of a suite of security testing software that is delivered using a software-as-a-service (SaaS) model.
Mordecai Rosen, general manager for the security business at CA Technologies, says Veracode is the latest in a series of acquisitions that the company has been making to expand its DevOps portfolio.
“We see this as an opportunity to bridge DevOps and security,” says Rosen.
Veracode CTO Chris Wysopal says the challenge going forward is to make it simple enough for developers to embrace security within the context of their existing application development projects.
“Application security can’t be a separate discipline,” says Wysopal.
The degree to which developers address security issues at the front end of the development process affects everything from how secure the application is to the amount of risk being assumed by the organization that deploys it. The trouble is that no matter how long that’s been the case, far too many developers have for one reason or another not made application security a core part of their ethos.
A major reason for that, of course, is that security was either viewed as too hard to implement and verify or simply seen as someone else’s job. But as more developers are finally held accountable for the security of the code they write, there’s finally starting to emerge a corresponding amount of interest among developers in finding the most efficient way to achieve it.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
