Veracode Delivers End-to-End Risk Coverage with New Tools: AI-Powered Dynamic Analysis Security Testing with External Attack Surface Management
Seamless Integration and Speed: Latest Innovations Empower Faster, Smarter, and Safer Software Security
Veracode, a global leader in application risk management, today announced new capabilities to help organizations address emerging threats, giving security professionals better visibility and control in one place. The launch includes new AI-powered functionality in the Dynamic Application Security Testing (DAST)product and an External Attack Surface Management (EASM) capability. Together, they enable security teams to discover their entire attack surface and prioritize the most critical risk to streamline and simplify security scanning.
“Security teams need to see and secure everything; not only what is inside their perimeter,” said Derek Maki, Head of Product at Veracode. “With our latest DAST capabilities and Application Risk Management platform enhancements, we’re helping organizations shift from vulnerability scanning to holistic risk management, to better identify risk residing in unidentified external assets.”
Tackling Risk Across a Growing Attack Surface
Modern development cycles and cloud adoption mean organizations are grappling with a rapidly expanding attack surface. According to the 2024 Verizon Data Breach Investigations Report, web applications remain a primary target for cyberattacks, accounting for nearly half of all incidents. Moreover, Veracode’s latest software security research found an alarming increase in the average fix time for flaws once discovered, with organizations taking three months—or 47 percent— longer than five years ago.
Veracode’s latest innovations address these critical challenges head on by offering frictionless integration for comprehensive risk management, faster remediation, and intuitive scans with real-time results. Organizations can more effectively balance the speed of modern development with software security.
Automated Discovery, Risk-based Prioritization, and Real-time Reporting
Veracode EASM capabilities automate external attack surface discovery by identifying and continuously monitoring potential entry points for bad actors. The product automatically tracks internet-exposed systems and services, including APIs, web apps, mobile applications, and cloud-based assets—many of which are often unknown or unmanaged. With automated discovery, EASM uncovers blind spots and delivers:
- Complete Visibility: Consistent identification and monitoring of all external assets to reduce visibility gaps.
- Risk-Based Prioritization: Streamlined focus on the most critical threats to minimize points of entry for an attacker.
- Seamless Security Integration: With a connector to Veracode Risk Manager (VRM) planned for later this year, static (SAST), software composition (SCA), and dynamic analysis findings are prioritized and contextualised in one place, giving a holistic view of risk and control.
Maki said, “In today’s threat landscape, organizations must contend with an unprecedented number of potential entry points,” Maki explained. “Veracode EASM provides security teams with the attacker’s perspective and delivers the capability to continuously identify, analyze, and mitigate risks before exploitation can occur.”
Veracode’s new Enterprise Mode for DAST Essentials is a significant advancement in dynamic application security testing. Leveraging the capability, security teams can more easily prioritize and remediate critical vulnerabilities in web applications and APIs.
With features designed to accommodate large-scale, complex application portfolios, key capabilities include:
- Advanced crawling and auditing for deep, highly customizable, and accurate scanning
- AI-Assisted auto-login to reduce authentication failures and easily implement the DAST program across the organization
- Internal Scan Management (ISM) for scanning behind corporate firewalls
- A Streamlined, intuitive interface for faster, simpler setup and configuration
- Real-time flaw reporting and a panoramic view of risk across projects
"DAST Enterprise Mode empowers security teams to work faster, smarter, and safer,” noted Maki. “With real-time analysis in a unified platform, it eliminates the challenge of fragmented tools and enables mature, resilient risk management with centralized visibility and control.”
Experience the Tools Live at RSAC 2025
Veracode will showcase its latest capabilities at RSAC Conference in San Francisco (April 28 - May 1, 2025). Visit booth #1243 for interactive demos and expert discussions on how to stay ahead of emerging threats and improve security posture.
Learn more about Veracode’s products on the website.
About Veracode
Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform offers adaptive software security and is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, Malicious Package Detection, and Penetration Testing.
Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and X.
Copyright © 2025 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250423385599/en/
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Dubai Electricity and Water Authority PJSC Reports a Record AED 14.6 Billion in Revenue for the First Half of 2025 and Approves Dividend Payment of AED 3.1 Billion8.8.2025 17:47:00 CEST | Press release
Dubai Electricity and Water Authority PJSC (ISIN: AED001801011) (Symbol: DEWA), Dubai’s exclusive electricity and water services provider, which is listed on the Dubai Financial Market (DFM), today reported its first half 2025 consolidated financial results, recording first half revenue of AED 14.6 billion, EBITDA of AED 7.0 billion, operating profit of AED 3.7 billion, net profit of AED 2.9 billion and cash from operations of AED 9.2 billion. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250808832927/en/ Dubai Electricity and Water Authority PJSC reports a record AED 14.6 billion in revenue for the first half of 2025 and approves dividend payment of AED 3.1 billion (Graphic: AETOSWire) “DEWA is committed to be an innovative and sustainable corporation inspired by the vision of His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai, and the directives of His Highn
Philippine Government and Sutherland Launch AI Academy to Equip Filipinos with Future-Ready Skills8.8.2025 15:54:00 CEST | Press release
Sutherland, a global leader in business and digital transformation, has partnered with the Philippine Government to launch a dedicated AI Academy. This strategic initiative supports the Philippine government’s broader efforts to empower the Filipino workforce for an AI-driven future. The AI Academy will offer practical, industry-aligned training designed to equip Filipino professionals with skills to integrate artificial intelligence into their work. It aims to strengthen the country’s talent pool by developing capabilities that are increasingly in demand across sectors, whether as AI specialists, prompt engineers, or cybersecurity professionals. The program will prepare participants to harness AI in driving productivity, advancing innovation, and pursuing high-value opportunities across industries. “This initiative is a vital step toward our goal of building a digitally resilient and inclusive workforce, said President Ferdinand R. Marcos Jr. “By expanding access to training in future
Baraja Appoints IP Pioneer to Lead Global Sale of Spectrum-Scan™ LiDAR IP Assets8.8.2025 15:00:00 CEST | Press release
IP Pioneer appointed to lead competitive acquisition process Baraja Pty Ltd (“Baraja”), the Australian pioneer behind the revolutionary Spectrum‑Scan™ LiDAR architecture, has announced a global initiative to commercialize its full suite of patented LiDAR intellectual property and technical assets. The company has appointed IP Pioneer Group Incas the exclusive worldwide advisor to manage this competitive transaction process. Baraja redefined LiDAR performance through its Spectrum-Scan™ technology—a transformative solid-state architecture that steers the laser beam by tuning its wavelength through a dispersive prism or grating, eliminating moving parts. This breakthrough enables long-range, high-resolution 3D sensing that is inherently immune to alignment drift, sunlight, and multi-LiDAR interference. Having achieved significant technical milestones in LiDAR innovation, Baraja is now strategically evolving its business focus to pursue new frontiers in sensing and perception. This initiat
Andersen Consulting annoncerer samarbejdsaftale med Virtual, Inc.8.8.2025 14:48:00 CEST | Pressemeddelelse
Andersen Consulting offentliggør en samarbejdsaftale med Virtual, Inc., et amerikansk firma, der er kendt for sin dybe ekspertise inden for strategi og drift for teknologikonsortier, standardudviklingsorganisationer og andre medlemsdrevne grupper. Virtual, Inc. er kendt for sin praktiske tilgang og resultatorienterede arbejdsmetode og har dokumenteret efaring inden for støtte til missionsdrevne, samarbejdsbaserede organisationer. Med en boutiquevirksomheds smidighed og en global aktørs kapaciteter hjælper Virtual førende teknologivirksomheder og standardiseringsorganer med at fremskynde innovation, opnå enighed og øge indflydelsen på tværs af det digitale økosystem. Siden grundlæggelsen i 1999 har Virtual leveret skræddersyet strategisk rådgivning og driftsmæssig support til kunder over hele verden – navnlig inden for teknologisektoren – med tjenester, der spænder over governance, medlemskabs- og certificeringsadministration, support til udvikling af standarder, eventmanagement, market
Andersen Consulting tilføjer samarbejdspartneren 460degrees8.8.2025 14:39:00 CEST | Pressemeddelelse
Andersen Consulting styrker sin strategi og sine teknologiske transformationsevner med tilføjelsen af samarbejdspartneren 460degrees, hvilket yderligere styrker organisationens mulighed for at hjælpe kunder med at skabe innovation, transformation og forretningsresultater på stadig mere komplekse markeder. 460degrees blev stiftet i 2004 og leverer specialiserede tjenester inden for projektlevering, strategisk datastyring, transformationsrådgivning, cybersikkerhed og digital tillid. Virksomheden leverer konsulentløsninger til kunder i en række brancher, herunder offentlig forvaltning, detailhandel og finans, og hjælper dem med at navigere i kompleksiteten og opnå hurtigere resultater. Med særlig vægt på eksekvering og levering arbejder 460degrees på kundesiden for at guide organisationer gennem hele indkøbsprocessen og sikre, at de har adgang til den rette ekspertise og de rette nøglepersoner i alle faser af deres digitale transformation. "Samarbejdet med Andersen Consulting giver os mul
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom