Case Study: California Department of Technology achieves faster time-to-market and integrated AppSec with Veracode

Veracode Helps California State Government Improve Time to Market and Integrate Security Into its SDLC

The California Department of Technology (CDT) manages critical state software including the www.ca.gov portal used by millions and needed a way to standardize application security across its scrum teams while meeting strict California/NIST regulatory requirements. Time-to-market was essential—delays on apps like wildfire-mapping tools could directly harm residents—so CDT required an AppSec solution that supported predictable, rapid releases and statewide adoption.

CDT selected Veracode and rolled out static analysis, IDE scanning, and CI/CD integrations from the cloud to embed security earlier in the SDLC. The cloud-based, maintenance-free platform enabled immediate scanning, reduced costly rework, improved developers’ secure-coding practices, accelerated deployments, and avoided potential breach costs; developers now scan more apps, have remediated hundreds of vulnerabilities, and CDT is positioned to scale the program across other state agencies.

California Department of Technology

Scott Gregory

Chief Technology Innovation Officer