Integrating Veracode & CA: Q&A with Mordecai Rosen and Bob Brennan

Mordecai Rosen, general manager of the Security BU, and Bob Brennan, general manager for Veracode, answer questions on CA's recent acquisition of Veracode.

Last week CA Technologies announced the close of the Veracode acquisition. Mordecai (Mo) Rosen, general manager of the Security BU, and Bob Brennan, general manager for Veracode (formerly CEO), made some time to answer a two key questions.

Q: What value will customers and prospects get from a joined up CA Technologies and Veracode?

Mo: The CA and Veracode combination gives our customers and prospects the best defense against one of the most commonly exploited attack vectors: application vulnerabilities. We know that the only way to minimize this threat vector is to fully integrate application security into the software development lifecycle. The combination of CA’s DevOps portfolio and Veracode’s industry leading application security portfolio helps customers build secure applications at velocity. That’s DevSecOps, and we are set to lead this important driver of the application economy.

Bob: Our joint vision of making secure DevOps a reality made the combination of Veracode’s application security solutions and CA’s security and development solutions an ideal partnership. The additional investments CA can make in our AppSec solutions will help accelerate the adoption of application security across the entire software development lifecycle, improving software security without compromising speed to market. Also, we will be able to better help our customers meet the urgent need for an end-to-end solution across development, testing and rollout – making security and compliance transparent and automated, so developers can focus on writing high-quality, secure code.

Q: What do you see as the first product areas where joint sales or integrations will make sense?

Mo: As part of the due diligence process we did some blue sky thinking around where the strongest synergies are and what the offerings would be. Some obvious quick wins are how well Veracode security testing complements the Continuous Delivery BU’s product offerings.  As companies shift left in their development and QA methodologies, application teams need to perform security testing earlier in their development cycle.

Bob: The alignment across product areas is what makes this such a great opportunity for CA, Veracode, our customers and our prospects. Now that the deal has closed, our teams will work together to set a roadmap for cross-product. Going forward we will also look for places where we can integrate products into our SaaS platform. Over the next several weeks and months we will start setting priorities for our engineering teams. Both companies have long talked about the importance of securing the SLDC, and so we will start by focusing on how we can integrate our application security testing solutions with the CA’s DevOps enabling products.

CA Community is the blog manager’s account used to post general updates and news items.


Modern Software Factory Hub

Your source for the tips, tools and insights to power your digital transformation.
Read more >
The Business ABCs of APIsPaul Pedrazzi Shares the Secrets of Successful User-Centric SoftwareSecurity is as Simple as Human Nature