Case Study: Global Bank scales application security and cuts cost per exploitable vulnerability from €500 to €7 with Veracode

Global Bank Scales Application Security Program and Dramatically Lowers Cost per Exploitable Vulnerability

A global bank facing heightened regulatory pressure and high-profile industry breaches needed to replace a decentralized, manual approach to application security with a scalable, automated, enterprise program. Leadership required faster, standardized testing across internally developed, outsourced and commercial applications, reduced remediation costs by shifting security left in the SDLC, and consistent reporting to meet multiple international regulations.

The bank adopted Veracode’s cloud-based platform, APIs and programmatic services to centralize inventory, automate onboarding and scans, and provide remediation coaching and training. Results included testing 200 apps in the initial six-month pilot (vs. a 40-app target), analyzing 750+ applications in two years, remediating 2,000+ high/very high vulnerabilities in 12 months, raising compliance from 30% to 64%, enabling 2,300 developers to scan, and cutting the cost to find an exploitable vulnerability from €500 to €7.