Global 2000 Firm Achieves 192 Percent ROI Securing Critical Financial Applications

Global 2000 Firm Achieves 192 Percent ROI Securing Critical Financial Applications

Financial Services Institution Improved Secure Development Processes and Reduced Enterprise Risk, According to Case Study by Leading Analyst FirmVeracode

BURLINGTON, MA–(Marketwired – Jul 24, 2014) – Veracode, the application security company, today released a commissioned case study by Forrester Consulting describing how a Global 2000 financial services company secured its critical outsourced and internally-developed applications with Veracode. Veracode’s cloud-based service and programmatic approach generated a 3-year, risk-adjusted ROI of 192 percent for the European-based, global financial services company. To access the full July 2014 study, which was conducted by Forrester Consulting on behalf of Veracode, visit:

Prior to using Veracode, the firm had implemented a traditional on-premises scanning tool from a major IT vendor. Success was limited because the tool was complex and required specialized expertise to configure it and interpret its results. As a result, the organization was only able to assess a fraction of the applications it should be assessing for risk in its overall portfolio of several thousand applications.

The study quotes the financial services firm’s head of application security as saying, “Veracode has helped us scale our program significantly, and it also helps us set our priorities correctly. We can focus on the optimal strategy, policies and KPIs to systematically reduce enterprise risk.”

With Veracode’s cloud-based service, combined with its remediation coaching and program management services, the firm was able to scale its application security program and continuously assess 400 of the firm’s business-critical application. Vulnerabilities have been reduced by 60 percent and are now found earlier in the software development lifecycle.

Specifically, the study demonstrated how the firm worked with Veracode to achieve benefits with:

  • Outsourced code: Avoided costs of $1.98 million per year in identifying, tracking, and mitigating vulnerabilities in applications developed by outsourced developers.
  • Internally-developed and legacy code: Avoided costs of $3 million per year in assessing and remediating internally developed and legacy applications.
  • Improved time-to-market: Improved development skill, speed, and best practices leading to reduced costs and improved margins totaling $1-2 million per year.
  • Reduced enterprise risk: Avoided costs of $630,000 per year related to reduced application security risk.

Reduced Cost of Ownership

Within Forrester’s Total Economic Impact (TEI) methodology, direct benefits represent only one part of the investment value. The firm also realized strategic benefits by avoiding the need to scale their previous on-premises tool to match the application coverage provided by Veracode’s cloud-based service. This expansion would have required adding significant infrastructure, software and employee resources — including fifteen full-time employees — to provide the same level of benefits.

Reduced Risk from Third-Party Software

The financial services firm is now working with Veracode to develop a Vendor Application Security Testing (VAST) program. With the VAST program, Veracode works with the organization to set polices, metrics and reporting processes that third-party commercial vendors must meet in order to do business with the financial services firm. The company anticipates that the program will help significantly reduce risk associated with the use of third-party software.

For more details on how Veracode helped the financial services firm secure their critical application infrastructure while reducing and avoiding costs, read the full report here:

About Veracode

Veracode delivers the most widely used cloud-based service for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-criminals can find and exploit them, Veracode helps enterprises deliver innovation to market faster – without sacrificing security.

Veracode’s powerful cloud-based platform, deep security expertise and programmatic, best practices approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

Veracode secures hundreds of the world’s largest global enterprises, including 3 of the top 4 banks in the Fortune 100 and more than 25 of the world’s top 100 brands. Learn more at, on the Veracode blog and on Twitter.

Follow Us!


Established in 2009, is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...


Top Viral Impact

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow  Online Education is a very exciting topic for many as it opens up many new doors and opportunities. We’ve touched on areas such as Massive Open Online Sources (MOOC) which provides tremendous levels of cloud based interconnectivity. We’ve taken a look into higher education,  the increased demand for online courses as well as

Cloud Infographic – The Power Of Cloud Disaster Recovery

Cloud Infographic – The Power Of Cloud Disaster Recovery

Cloud Infographic – The Power Of Cloud Disaster Recovery Preventing a Cloud Disaster is one thing. Recovering from a disaster is a whole other area of concern. Today’s infographic provided by CloudVelox outlines some best practices and safeguards in order to help your business make more informed decisions. About Latest Posts Follow Us!CloudTweaksEstablished in 2009,

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.