Veracode
A Veracode Case Study
A large global industrial manufacturer faced a growing software supply‑chain risk: ad‑hoc supplier assessments revealed that more than 90% of third‑party applications had critical security flaws, and its on‑premises tooling and manual processes couldn’t scale across hundreds of vendor products. The company needed a formal, repeatable governance program to prevent vulnerable vendor software from reaching mission‑critical systems and to bake security into procurement.
The firm adopted Veracode’s cloud‑based, policy‑driven automated binary static analysis and centralized program management to baseline, test and remediate supplier applications and to enforce security requirements in RFPs. Results included rapid scaling to assess 300+ applications (110 in year one), vendors fixing over 10,000 vulnerabilities, 63% policy compliance in year one, a fourfold improvement in policy pass rate over time, and many suppliers integrating automated security testing into their development lifecycles.
Global Industrial Manufacturing Company