Manage Enterprise Risk with Testing
of the Software Supply Chain

State of Software Security Feature Supplements allow us to extend our analysis to a variety of topical areas. This feature supplement focuses on the actual state of vendor application security testing programs currently being implemented by our enterprise customers.

Download the Report



The report analyzes:

  • Enterprise risks associated with vendor software
  • Vulnerabilities found in vendor software
  • Software security testing program metrics (e.g. program participation rates)
  • How different enterprise approaches impact vendor compliance


The focus of this report is the state of enterprise programs that assess the security of software purchased from vendors (where an enterprise is defined as companies with over $500 million in annual revenue). Security experts have long advised enterprises to incorporate application security testing into their software procurement or vendor management activities.

Questions? 1-888-937-0329 |

Veracode‚Äôs cloud-based service is a simpler and more scalable way to reduce application-layer risk across your entire global software infrastructure — including web, mobile and third-party applications — without hiring more consultants or installing more servers and tools. With Veracode's smart approach to application security, you can drive your innovations to market faster — without sacrificing security in the process.