Veracode, the global leader in application risk management, today announced a year of significant corporate momentum, product innovation, and customer growth throughout 2025. The company delivered strong performance in the final quarter of 2025, with new Annual Contract Value (ACV) increasing 81 percent year-over-year, underscoring sustained market traction and rising demand for its solutions.
Veracode’s strong performance was fueled by growing demand for application risk management as organizations navigated the dual pressures of rapid AI adoption and increasingly complex software supply chains. Security and development teams are now prioritizing comprehensive platforms that deliver visibility, control, and compliance across application ecosystems, helping them meet evolving regulatory requirements and manage modern development risks.
“We closed 2025 with an exceptional finish, and this is a direct result of our unwavering commitment to customer success,” said Brian Roche, Chief Executive Officer at Veracode. “Veracode’s purpose is to empower organizations to address the mounting challenges defining today’s security landscape—AI-generated code, external attack surface management, complex supply chain vulnerabilities, and the pressure to secure software at unprecedented speed and scale. Our teams remained true to this purpose throughout the year, delivering unrivalled visibility, intelligence, and assurance every day.”
Customer acquisition accelerated in 2025, with more than 130 new organizations added in the last quarter alone. The strength of Veracode’s value proposition was reflected in deal size, marked by the closing of seven-figure and multi-year contracts across diverse industries and use cases. The company’s performance was driven by heightened demand for comprehensive platforms that manage risk across the entire software development lifecycle, from code creation to cloud deployment.
The Veracode platform processed a record-breaking 420 trillion lines of code and helped customers fix 131 million flaws in 2025. This demonstrates a clear industry trend toward actively reducing security debt rather than simply scanning for compliance.
This momentum was powered by key product innovations, including the launch of Veracode Package Firewall to block malicious open-source packages before they enter the development environment, and External Attack Surface Management to proactively reduce risk across all internet-facing assets.
Veracode’s leadership was validated by customers and top industry analysts. The company earned the TrustRadius Top Rated and Buyers Choice awards for 2025 and was named a Leader in the Forrester Wave for Static Application Security Testing (SAST), the Gartner Magic Quadrant for Application Security Testing, and the IDC MarketScape for Application Security Posture Management (ASPM). Veracode also led the industry conversation on emerging risks, publishing the inaugural GenAI Code Security Report and 2025 State of Software Security Report, and was featured in a CNBC documentary on application risk management for modern development.
“I’m incredibly proud of what we achieved in 2025 and look forward to sustained success in the year ahead as we continue to enhance our platform and provide comprehensive visibility across the attack surface,” Roche closed. "Our mission remains clear: to deliver a platform that gives organizations complete confidence in the software they build, buy, run, and share. That's the future we're building."
About Veracode
Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, Malicious Package Detection, Package Firewall, and Penetration Testing.
Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and X.
Copyright © 2026 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands, or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260205307321/en/
© Business Wire, Inc.
Avertissement :
Ce communiqué de presse n’est pas un document produit par l’AFP. L’AFP décline toute responsabilité quant à son contenu. Pour toute question le concernant, veuillez contacter les personnes/entités indiquées dans le corps du communiqué de presse.