Enterprise devs win with Veracode’s SaaS security spinout

Independent once again, Veracode will focus on its cloud-based test services that enable developers to add security to the software development lifecycle.

… But for enterprise developers, Veracode’s return to independence reflects the commoditization and utility of application security, particularly in a cloud-native world.

“In almost every way this is good news for the dev community that relies on Veracode’s testing tools to manage and automate the non-trivial task of finding vulnerabilities and mitigating risks in development cycles that are moving faster than ever,” said Chris Gonsalves, the Boston-based VP of research at The 2112 Group, a Port Washington, N.Y., consultancy. “Veracode now gets to carry on being among the top forces in app security testing — integrated across a variety of environments — without being shoehorned into the Broadcom structure.”…

… Thoma Bravo also is a proven security software investor — companies in its portfolio include SailPoint, Barracuda Networks, LogRhythm, Bomgar, Blue Coat Systems, SonicWall and Entrust — so Veracode should find itself well nurtured under its tutelage, said The 2112 Group’s Gonsalves. Veracode’s product development and roadmaps will almost certainly get a boost from the capital infusion and a return to an agnostic approach to the development world. …

… Nevertheless, Broadcom has a history of acquisitions where it keeps pieces of the businesses that fit into its longer-term plans and divests those that don’t. And the speed with which Broadcom flipped the Veracode business to Thoma Bravo underscores that Veracode wasn’t a great fit in the CA portfolio, said The 2112 Group’s Gonsalves.

“That’s not a knock on Veracode — it’s more an acknowledgement that CA is a place where goodly acquisitions oft go to wither on the vine,” he said. “Broadcom understood that, and got something like a 55% premium for their troubles.”…

Written by Darryl K. Taft

> Read the entire article at techtarget.com.