Case Study: State Government achieves compliance and reduces risk at scale with Veracode

A State Government Protects Citizen Data by Securing Applications

A U.S. state government facing rising public concern about data breaches and pressure to meet HIPAA, PCI and other regulations needed an easy-to-roll-out, scalable application security program. Previous tools produced too much data and few actionable metrics, so the state’s CIO sought a centralized solution to secure applications across many agencies and vendors.

The state implemented Veracode’s cloud-based, policy-driven platform and services across 14 agencies, assessing 200+ applications in year one. Using automated scanning, remediation guidance, vendor testing and analytics-driven scorecards, the program helped fix over 28,000 vulnerabilities, achieve a 77% policy pass rate, and rapidly scale ongoing application security and developer training.