Case Study: Comms Service Provider achieves fewer production vulnerabilities and faster remediation with Veracode

Comms Service Provider - Customer Case Study

A large communications service provider shifted from contractor-led projects to in-house DevOps and needed to harden hundreds of applications across monorepos and microservices. The challenge was to embed consistent security testing (SAST, DAST, SCA), manage third‑party libraries, and catch vulnerabilities earlier in the pipeline without disrupting production SLAs.

They integrated Veracode at three points (IDE plugin, pipeline scans, and build/module scans), using SAST as the primary control and Veracode’s remediation/tracking as a single pane of glass. The result: fewer production vulnerabilities, improved monthly remediation metrics, faster overall fixes and a more proactive security posture—while the team flagged higher false positives and ongoing needs around container security and IAST.