Amazon Web Services > 实例探究 > Veracode Helps Developers Find Security Flaws Faster Using AWS

Veracode Helps Developers Find Security Flaws Faster Using AWS

Amazon Web Services Logo
公司规模
SME
地区
  • America
国家
  • United States
产品
  • Veracode Greenlight
  • AWS Lambda
  • Amazon API Gateway
  • AWS Key Management Service
  • Amazon EC2
技术栈
  • Cloud Computing
  • Serverless Computing
  • API Management
  • Auto Scaling
  • Data Encryption
实施规模
  • Enterprise-wide Deployment
影响指标
  • Productivity Improvements
  • Digital Expertise
  • Innovation Output
技术
  • 基础设施即服务 (IaaS) - 云计算
  • 应用基础设施与中间件 - API 集成与管理
  • 基础设施即服务 (IaaS) - 云中间件与微服务
适用功能
  • 离散制造
  • 产品研发
用例
  • 网络安全
  • 入侵检测系统
  • 计算机视觉
服务
  • 云规划/设计/实施服务
  • 软件设计与工程服务
关于客户
Veracode, a CA Technologies company based in Burlington, Massachusetts, is a growing application-security company. Founded in 2006, the company provides an automated cloud-based service for securing web, mobile, and third-party enterprise applications. The company has around 100 employees and operates in the United States. Veracode's main product is Greenlight, a tool that helps developers discover and fix security-related defects while they are writing code. The company's mission is to secure software applications so developers don’t release software that could be susceptible to breaches.
挑战
Veracode, a CA Technologies company, is on a mission to secure software applications so developers don’t release software that could be susceptible to breaches. As part of this mission, the company created Greenlight, a tool that helps developers discover and fix security-related defects while they are writing code. Because Greenlight is designed to find security flaws quickly, Veracode must ensure strong performance. “We need to deliver security vulnerability results in under a minute,” says Patrick Day, principal cloud engineer for Veracode. “If developers wait too long for the data, they’ll move on to a different product.” Veracode also needs to scale its solution to accommodate growth. “As we were building the application, we needed to plan for increases in code-scan volume,” Day says. As an application-development company, Veracode also strives to reduce the amount of time employees spend managing the IT environment. Day says, “We’re focused on developing and deploying products, so we don’t want to put our resources and energy into managing and provisioning.”
解决方案
Veracode chose to meet its needs for speed, scalability, and time savings by building Greenlight on the Amazon Web Services (AWS) Cloud. “I had used AWS in previous jobs, and I was very confident in its ability to provide reliability and scalability,” Day says. “At Veracode, we were also excited because we saw that AWS would enable rapid prototyping without a lot of backend management.” Veracode initially ran its Greenlight application on numerous Amazon Elastic Compute Cloud (Amazon EC2) instances. Recently, the company started using AWS Lambda, a managed service that gives Veracode the ability to run code without provisioning and managing servers. Veracode also uses Amazon API Gateway to access data and functionality for Greenlight. Additionally, the company uses Auto Scaling to automatically scale Greenlight up or down based on scan-volume growth. To enhance application security, Veracode takes advantage of AWS Key Management Service (AWS KMS), a managed service that helps the company create and control encryption keys to encrypt Greenlight data.
运营影响
  • Veracode can reliably deliver fast vulnerability scans by relying on AWS.
  • Veracode was able to support a jump in vulnerability-scan volume from 100 scans to 55,000 scans in a very short time frame due to the scalability provided by AWS.
  • Veracode developers can focus on building new features instead of spending time managing the application’s backend systems.
  • Veracode can deliver new features and enhancements faster than before.
数量效益
  • Veracode saves about one day of testing time each week due to the automation, reliability, and scalability of the AWS Cloud.
  • Veracode can deploy new features every 15 minutes, compared to a few times a day previously.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。