Denim Group has been acquired by Coalfire. Learn More>>

Denim Group Partners With Veracode To Help Enterprises Scale Software Security Programs

Enables Organizations to Remediate While Minimizing Impact on Development Teams

Denim Group, the leading secure software development company, today announced it has partnered with Veracode, a leading provider of cloud-based application intelligence and security verification tools and services, to enable organizations to build secure applications faster. By combining the capabilities of Denim Group’s expertise in secure application development and processes with Veracode’s application scanning platform, Denim Group and Veracode provide an end-to-end capability to identify and resolve application-level vulnerabilities in the enterprise faster and more efficiently.

Denim Group’s customers already benefit from the company’s secure development expertise. By adding Veracode’s static and dynamic automated testing systems, customers can gain greater visibility into their application portfolio and quickly scale their application security scanning program. Since processing application builds takes valuable developer time, Denim Group facilitates Veracode testing by working with development teams spread throughout their organization. Denim Group’s assistance allows organizations to get more of their application portfolio brought under coverage in less time, ultimately fixing application-level vulnerabilities quicker.

Once the scans are complete, Denim Group then helps customers prioritize remediation activities, ensuring that egregious vulnerabilities are addressed. Denim Group works with both development and security teams to analyze the vulnerability data and help accelerate the vulnerability resolution process. The company’s consultants are practicing developers who track the latest software trends and methodology and have the expertise to fix vulnerabilities in the source code or help advise development teams on remediation approaches. By using the combined force of Veracode and Denim Group, customers will be able to understand and prioritize vulnerabilities organization-wide, and remediate them while development teams continue work.

Finally, the integrated power of Denim Group and Veracode allows organizations to speed development time without losing sight of security. Denim Group aids organizations by augmenting their development teams. By adding Denim Group secure development staff, clients are better able to develop secure applications and learn the techniques for secure coding. Development teams are often tasked with creating functional and user interface features on short deadlines, leaving little time to consider security implications. Code is then verified by Veracode’s cloud-based scanning engine, leaving time for any revisions. Since Veracode’s scanning services require no software or hardware to install, clients are not bogged down with processing time to see the results of Veracode’s code verification.

“Today’s applications control access to financial data, public service infrastructure, patient health records, personal information on mobile devices and more — making software applications the enterprise’s new perimeter,” said Chris Wysopal, Chief Technical Officer of Veracode. “This increases the importance of more quickly identifying and fixing application vulnerabilities like SQL Injection and Cross Site Scripting errors that continue to persist. Veracode’s research has consistently shown that these types of vulnerabilities persist sometimes for months, and this is simply unacceptable. We are pleased to offer our combined services to better help our customers address this particularly acute business problem with our clients.”

“Veracode directly addresses the business problem of application scanning breadth, enabling enterprise customers to scan hundreds or thousands of applications on a regular basis,” said Denim Group Principal John Dickson. “Denim Group provides expertise around software development activities as well as hands-on assistance to resolve persistent application software defects that can have a large impact on the security profile of the organization. By combining the power of Veracode with Denim Group’s secure development expertise, mutual customers get more application scanning coverage and can fix vulnerabilities more quickly, which is an attractive proposition in today’s marketplace.”

About Denim Group

Denim Group is the leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure software development, testing and training capabilities that protect a company’s biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company’s leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company’s by Inc. Magazine five years in a row, and has won multiple awards including its accolades as one of the best places to work in San Antonio. For more information about Denim Group visit

About Veracode

Veracode is the only independent provider of cloud-based application intelligenceand security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide including Global 2000 brands such as Barclays PLC and Computershare as well as the California Public Employees’ Retirement System (CalPERS) and the Federal Aviation Administration (FAA). For more information, visit, follow on Twitter: @Veracode or read the Veracode Blog.