The Total Economic Impact™ Of Veracode’s Cloud-Based Application Security Service

Learn how a Global 2000 financial services company secured its critical outsourced and internally-developed applications with Veracode’s cloud-based service – and generated a 3-year, risk-adjusted ROI of 192 percent.

“Veracode has helped us scale our program significantly, and it also helps us set our priorities correctly. We can focus on the optimal strategy, policies, and KPIs to systematically reduce enterprise risk.”

— Head of application security, financial services organization

Download the Case Study



This commissioned case study by Forrester Consulting includes a detailed financial model showing how the firm used Veracode to achieve benefits with:

  • Outsourced code: Avoided costs of $1.98 million per year in identifying, tracking, and mitigating vulnerabilities in applications developed by outsourced developers.
  • Internally-developed and legacy code: Avoided costs of $3 million per year in assessing and remediating internally developed and legacy applications.
  • Improved time-to-market: Improved development skill, speed, and best practices leading to reduced costs and improved margins totaling $1-2 million per year.
  • Reduced enterprise risk: Avoided costs of $630,000 per year related to reduced application security risk.

Comparison to On-Premises Tools
In addition, the firm estimates that expanding its previous on-premises solution to match the scale of Veracode’s cloud-based service would have required an investment of more than $5 million (NPV) over three years.

This is because the firm would have had to double its existing implementation (including hardware, software, and maintenance costs for the solution, which was obtained from a major IT vendor) — as well as to hire 15 additional resources, including five consultants, to manage the program.


25 Pages