CA Technologies has announced it has signed a definitive agreement to acquire Veracode, a player in securing web, mobile and third-party applications across the software development lifecycle, for approximately USD 614 million in cash. The transaction is expected to close in the first quarter of fiscal year 2018, and is subject to customary closing conditions, including regulatory approvals.
With Veracode, CA Technologies bridges its Security business with its broad DevOps portfolio and adds to its growing SaaS business. Veracode extends CA’s go-to-market strategy into midsize enterprise customers while CA accelerates Veracode‘s global reach into larger enterprise customers.
According to Gartner, security testing is growing faster than any other security market, as AST solutions adapt to new development methodologies and increased application complexity. Security and risk management leaders must integrate AST into their application security programs. Increased deployment of web and cloud-based business applications has further propelled the market growth. By 2019, more than 50 percent of enterprise DevOps initiatives will have incorporated application security testing for custom code, up from less than 10 percent in 2016.
“Software is at the heart of every company’s digital transformation. Therefore, it’s increasingly important for them to integrate security at the start of their development processes, so they can respond to market opportunities in a secure manner,” said Ayman Sayed, President and Chief Product Officer, CA Technologies. “This acquisition will unify CA’s Security and DevOps portfolios with a SaaS-based platform that seamlessly integrates security into the software development process. Looking holistically at our portfolio, now with Veracode and Automic, we have accelerated the growth profile of our broad set of solutions. We now expect that the size of our growing solutions within our Enterprise Solutions portfolio will eclipse the more mature part of the Enterprise Solutions portfolio in FY19.”
The ability to deliver Identity and Access Management, DevOps tools and automation capabilities with SaaS-based application security, allows CA to offer enterprises of all sizes a faster time-to-value from their software investments.
Digital transformation requires an integrated and agile approach to security. Code-vulnerability risk is mitigated and time spent identifying and fixing security issues in production is reduced when security testing is shifted earlier into the application development process. According to data from the National Institute of Standards and Technology, “It's 30x more expensive to fix a vulnerability during post-production than during the design, requirement identification and architecture stage.”
“We provide over 1400 small and large enterprise customers the security they need to confidently innovate with the web and mobile applications they build, buy and assemble, as well as the components they integrate into their environments,” said Bob Brennan, CEO, Veracode. “By joining forces with CA Technologies, we will continue to better address growing security concerns, and enable them to accelerate delivery of secure software applications that can create new business value.”
Founded in 2006, Veracode has offices in Burlington, MA and London and has over 500 employees worldwide.