Veracode Acquires Longbow Security
April 03, 2024

Veracode announced the acquisition of Longbow Security, a provider of security risk management for cloud-native environments.

The integration of Longbow into Veracode enables security teams to discover cloud and application assets quickly and easily assess their threat exposure using automated issue investigation and root cause analysis. Longbow provides a centralized view of risk for cloud assets and applications, thereby simplifying complex workflows, enabling faster and more effective remediation, and improving overall security posture. The result is reduced risk and fewer vulnerabilities in applications and cloud infrastructures.

“Security teams are drowning in alerts that lack sufficient detail on the level of business risk, degree of exploitability of a flaw, and specific code-level insight to keep pace with remediation requirements. As a result, risk continues to accumulate,” said Brian Roche, Chief Product Officer at Veracode. “With the combination of Veracode and Longbow, teams can get a comprehensive view of their risk, automate prioritization of what matters most, and, with Veracode Fix, automate remediation of code security flaws.”

With Longbow, Veracode customers can address these challenges in four ways:

- Unified visibility of risk across applications, code, and cloud. This gives teams insight to tackle significant issues that matter most to the business.

- Orchestrated remediation from code to cloud, enabling teams to prioritize and remediate with Veracode’s AI-driven fix capabilities.

- Actionable insights with ‘Best Next Action’ advice, so customers can conduct a root cause analysis and pinpoint the best path to remediation.

- Continuous monitoring and assessment via real-time vulnerability discovery across application portfolios and runtime environments, meaning customers know exactly what is running and where.

Derek Maki, Co-Founder & Chief Product Officer at Longbow said, “We founded Longbow with a mission to simplify an increasingly complex application security risk management process and help organizations reduce risk at scale. By joining forces with Veracode, our combined solutions provide unmatched visibility, automation, and remediation capability for security and engineering teams. We are excited to take cloud-native application security to the next level.”

“This is the perfect fit for Longbow,” said Dayne Myers, Co-founder & Chief Executive Officer of Longbow. “After careful consideration, we believe that our technology and team align seamlessly with Veracode's vision, making this the best choice for Longbow’s future."

Sam King, Chief Executive Officer at Veracode, said: “The integration of our solutions provides organizations with a holistic application risk management platform that spans code to cloud. Veracode combined with Longbow advances the field of application security and enables customers to secure their increasingly complex application landscape more efficiently.”

Longbow is available immediately.

Share this

Industry News

May 08, 2025

AWS announced the preview of the Amazon Q Developer integration in GitHub.

May 08, 2025

The OpenSearch Software Foundation, the vendor-neutral home for the OpenSearch Project, announced the general availability of OpenSearch 3.0.

May 08, 2025

Jozu raised $4 million in seed funding.

May 07, 2025

Wix.com announced the launch of the Wix Model Context Protocol (MCP) Server.

May 07, 2025

Pulumi announced Pulumi IDP, a new internal developer platform that accelerates cloud infrastructure delivery for organizations at any scale.

May 07, 2025

Qt Group announced plans for significant expansion of the Qt platform and ecosystem.

May 07, 2025

Testsigma introduced autonomous testing capabilities to its automation suite — powered by AI coworkers that collaborate with QA teams to simplify testing, speed up releases, and elevate software quality.

May 06, 2025

Google is rolling out an updated Gemini 2.5 Pro model with significantly enhanced coding capabilities.

May 06, 2025

BrowserStack announced the acquisition of Requestly, the open-source HTTP interception and API mocking tool that eliminates critical bottlenecks in modern web development.

May 06, 2025

Jitterbit announced the evolution of its unified AI-infused low-code Harmony platform to deliver accountable, layered AI technology — including enterprise-ready AI agents — across its entire product portfolio.

May 05, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, and Synadia announced that the NATS project will continue to thrive in the cloud native open source ecosystem of the CNCF with Synadia’s continued support and involvement.

May 05, 2025

RapDev announced the launch of Arlo, an AI Agent for ServiceNow designed to transform how enterprises manage operational workflows, risk, and service delivery.

May 01, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.

May 01, 2025

Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.

May 01, 2025

Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.