Veracode Announces Strategic Investment and Technology Development Agreement with In-Q-Tel

Strategic Partnership with In-Q-Tel Brings Security Analysis of Binary Code to the US Intelligence Community

July 29, 2009

Veracode Inc., the leading provider of on-demand application security testing solutions, today announced a strategic investment and technology advancement agreement with In-Q-Tel, the independent strategic investment firm that identifies innovative technology solutions to support the mission of the broader U.S. Intelligence Community. With this partnership, Veracode will accelerate specific research areas for governmental, commercial and open source applications to further enhance its subscription-based application security solutions.

Veracode’s SecurityReview® service is based on patented, static binary testing technology and dynamic web scanning analysis that uniquely assesses application security threats, including vulnerabilities such as cross-site scripting (XSS), SQL injection, buffer overflows and malicious code such as hidden backdoors without exposing a company’s source code.

“Veracode is a critical addition to our strategic investment portfolio for security technologies,” said Ben Levitan, Partner at In-Q-Tel. “Veracode’s existing technology solutions for testing application binaries without requiring access to source code is crucial for any organization that brings externally developed software in-house. We are also excited by the company’s product roadmap, as it offers great promise for both the private and public sectors.”

“In-Q-Tel is at the forefront of application security and we feel honored that Veracode’s efforts have been recognized by In-Q-Tel, and we appreciate their commitment to fund very specific research to push the boundaries of application security even further,” said Matt Moynahan, CEO of Veracode.

In-Q-Tel conducted a thorough evaluation before selecting Veracode’s technology and based its investments on a three-pronged evaluation process. This includes rigorous vetting for technical excellence, examination of the financial and venture value of the investment, and the quality of the match between the commercial solution and the broadly described problem set of the U.S. Intelligence Community.

About Veracode
Veracode is the world’s leader for on-demand application security testing solutions. Veracode SecurityReview is the industry’s first solution to use patented binary code analysis and dynamic web analysis to uniquely assess application security threats, including vulnerabilities such as cross-site scripting (XSS), SQL injection, buffer overflows and malicious code. SecurityReview performs the only complete and independent security audit across any internally developed applications, third-party commercial off-the-shelf software and offshore code without exposing a company’s source code. Delivered as an on-demand service, Veracode delivers the simplest and most-cost effective way to implement security best practices, reduce operational cost and achieve regulatory requirements such as PCI compliance without requiring any hardware, software or training.

Veracode has established a position as the market visionary and leader with awards that include recognition as a Gartner “Cool Vendor” 2008, Info Security Product Guide’s “Tomorrow’s Technology Today Award 2008,” Information Security “Readers’ Choice Award 2008,” AlwaysOn Northeast’s “Top 100 Private Company 2008”, NetworkWorld “Top 10 Security Company to Watch 2007,” and Dark Reading’s “Top 10 Hot Security Startups 2007.”

Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas Venture and Polaris Venture Partners. For more information, visit www.veracode.com.