When considering new language support, we think about our customers’ existing technology stacks and the new and emerging languages that will enable them to securely bring innovations to market faster. With this in mind, we recently added support for Apex, Go, and PLSQL:
- Apex, a Salesforce.com proprietary language, enables businesses to enhance their Salesforce.com deployments to improve how they accelerate their business growth and connect with customers.
- Go, voted the third most-wanted language by more than 90,000 developers in the 2019 Stack Overflow survey, offers advantages in speed of execution, concurrency, and portability.
- PLSQL is used by more than 50 percent of professional developers and in some of our customers’ most sensitive databases.
Support for each one of these languages is only released after extensive testing to help you meet your business goals while ensuring the necessary depth of coverage to protect your organization. (Get our full list of supported languages here.) Our approach to language coverage helps you:
Save time, effort, and costs
Veracode Static Analysis removes the need for application security managers to manually review flaws or create custom rules for each unique application to suppress findings for accuracy. Furthermore, trusted results and prescriptive remediation advice enable developers to quickly remediate flaws. Each Veracode language coverage is continually refined for accuracy based on feedback from millions of scans, resulting in a less than 1.1 percent false positive rate for Veracode customers from their first scan. Across our customers, this represents tangible cost savings, with an 80 percent reduction in security team effort and a developer time savings of more than 2 hours when remediating flaws found.
Scan all your apps quickly
Veracode scans are constantly getting faster as we continuously work to reduce scan times to meet DevOps release cycles. To put this into numbers: Veracode Static Analysis scans are three times faster this year. In 2018, more than 250,000 apps scanned in less than 5 minutes, and more than 50 percent of all scans finished in less than 15 minutes.
Easily onboard apps and scale to cover your entire application landscape
Our SaaS-based approach covers all your applications – even large, complex and difficult-to-scan apps – from day one with no burden on your infrastructure. In addition, you can assess an unlimited amount of applications concurrently. No matter the size or geographic distribution of your organization, concurrent scanning means you don’t have to wait for a scan to complete before starting the next one.
Get all your testing results in one place
Thanks to the Veracode Platform, you can see your static analysis results alongside all your AppSec tests – dynamic, SCA, pen testing – in one central location. This single view of test results provides total visibility into each application’s risk and makes it easy to coordinate remediation between multiple teams and track your progress.
Keep your code secure across the software lifecycle, without slowing development cycles. Get more details on Veracode Static Analysis.
This is a companion discussion topic for the original entry at http://www.veracode.com/blog/managing-appsec/announcing-new-veracode-language-coverage-apex-go-and-plsql