Global 2000 Firm Achieves 192 Percent ROI Securing Critical Financial Applications

Global 2000 Firm Achieves 192 Percent ROI Securing Critical Financial Applications

Financial Services Institution Improved Secure Development Processes and Reduced Enterprise Risk, According to Case Study by Leading Analyst FirmVeracode

BURLINGTON, MA–(Marketwired – Jul 24, 2014) – Veracode, the application security company, today released a commissioned case study by Forrester Consulting describing how a Global 2000 financial services company secured its critical outsourced and internally-developed applications with Veracode. Veracode’s cloud-based service and programmatic approach generated a 3-year, risk-adjusted ROI of 192 percent for the European-based, global financial services company. To access the full July 2014 study, which was conducted by Forrester Consulting on behalf of Veracode, visit: https://info.veracode.com/forrester-case-study.html

Prior to using Veracode, the firm had implemented a traditional on-premises scanning tool from a major IT vendor. Success was limited because the tool was complex and required specialized expertise to configure it and interpret its results. As a result, the organization was only able to assess a fraction of the applications it should be assessing for risk in its overall portfolio of several thousand applications.

The study quotes the financial services firm’s head of application security as saying, “Veracode has helped us scale our program significantly, and it also helps us set our priorities correctly. We can focus on the optimal strategy, policies and KPIs to systematically reduce enterprise risk.”

With Veracode’s cloud-based service, combined with its remediation coaching and program management services, the firm was able to scale its application security program and continuously assess 400 of the firm’s business-critical application. Vulnerabilities have been reduced by 60 percent and are now found earlier in the software development lifecycle.

Specifically, the study demonstrated how the firm worked with Veracode to achieve benefits with:

  • Outsourced code: Avoided costs of $1.98 million per year in identifying, tracking, and mitigating vulnerabilities in applications developed by outsourced developers.
  • Internally-developed and legacy code: Avoided costs of $3 million per year in assessing and remediating internally developed and legacy applications.
  • Improved time-to-market: Improved development skill, speed, and best practices leading to reduced costs and improved margins totaling $1-2 million per year.
  • Reduced enterprise risk: Avoided costs of $630,000 per year related to reduced application security risk.

Reduced Cost of Ownership

Within Forrester’s Total Economic Impact (TEI) methodology, direct benefits represent only one part of the investment value. The firm also realized strategic benefits by avoiding the need to scale their previous on-premises tool to match the application coverage provided by Veracode’s cloud-based service. This expansion would have required adding significant infrastructure, software and employee resources — including fifteen full-time employees — to provide the same level of benefits.

Reduced Risk from Third-Party Software

The financial services firm is now working with Veracode to develop a Vendor Application Security Testing (VAST) program. With the VAST program, Veracode works with the organization to set polices, metrics and reporting processes that third-party commercial vendors must meet in order to do business with the financial services firm. The company anticipates that the program will help significantly reduce risk associated with the use of third-party software.

For more details on how Veracode helped the financial services firm secure their critical application infrastructure while reducing and avoiding costs, read the full report here: https://info.veracode.com/forrester-case-study.html

About Veracode

Veracode delivers the most widely used cloud-based service for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-criminals can find and exploit them, Veracode helps enterprises deliver innovation to market faster – without sacrificing security.

Veracode’s powerful cloud-based platform, deep security expertise and programmatic, best practices approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

Veracode secures hundreds of the world’s largest global enterprises, including 3 of the top 4 banks in the Fortune 100 and more than 25 of the world’s top 100 brands. Learn more at www.veracode.com, on the Veracode blog and on Twitter.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Off Premise Corporate Data Storage Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted,…

Cloud-Enabled Managed Hosting: 5 Things A Cloud Provider Should Offer

Cloud-Enabled Managed Hosting: 5 Things A Cloud Provider Should Offer

Cloud-Enabled Managed Hosting The IT industry moves at light speed fueled by constant change and advancement. No area of IT has been affected more by this change than the hosting and managed service space. Advancement in the cloud and its delivery models of IaaS and SaaS have caused a monumental shift in the way IT…

7 Common Cloud Security Missteps

7 Common Cloud Security Missteps

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Next Generation of Cyber Security As I walked through RSA last week, I was struck by the usual fear laden messages “You’re not safe and never will be but I (vendor) have a silver bullet that will protect you.” And, I wondered if this fear-based approach is deterring a badly needed next generation of cyber…

Small Technology Providers (STPs) — VARs, ISVs, Integrators, And SME Consultants

Small Technology Providers (STPs) — VARs, ISVs, Integrators, And SME Consultants

Small Technology Providers (STPs) Continuation from last weeks article. See the article here  Here’s the opportunity for little / middle guy.  It’s funny, I’m a big networker and I can’t tell you how many conversations I’ve had with IT folk across all these specialty functions and everyone says the same thing:   They all felt like…

All Enterprises Should Model Themselves After Today’s Startups

All Enterprises Should Model Themselves After Today’s Startups

Startups Leveraging Cloud Services Never in history has it been easier to start a business and fast track growth to dominate a market. Conversely, it has never been possible to transform from market leader to market memory faster than now. New startups are disrupting the market, fast tracking growth and sucker punching the market leaders.…

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security Risks Does security in the cloud ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that,…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor