Veracode Acquires Longbow Security for Cloud-Native Security

Veracode has acquired Longbow Security, a company specializing in security risk management for cloud-native environments. Financial details of the transaction were not disclosed.

This is technology M&A deal number 82 that ChannelE2E and MSSP Alert have covered in 2024. See more than 2,000 technology M&A deals for 2024, 2023, 2022, 2021, and 2020 listed here.

Veracode, founded in 2006, is based in Burlington, Massachusetts. The company has 679 employees listed on LinkedIn. Veracode’s areas of expertise include application security, web application security, binary static analysis, vendor application security testing, runtime application self-protection, software composition analysis, dynamic analysis, application security programs, and DevSecOps.

Longbow Security, founded in 2019, is based in Austin, Texas. The company has 30 employees listed on LinkedIn. Longbow’s areas of expertise include application and cloud risk remediation, best next actions technology, application security testing (AST), vulnerability management (VM), cloud-native application protection platform (CNAPP) tools, security issue prioritization, tailored remediation solutions, security, application, and DevOps team empowerment, risk mitigation at scale, security leadership capital, application risk management, and cloud security.

This acquisition integrates Longbow's security management solutions into Veracode's portfolio, aiming to offer improved asset discovery and threat exposure assessment capabilities within cloud and application environments, according to the company.

The deal is expected to provide Veracode customers with enhanced capabilities for managing security risks in cloud-native application environments, aligning with the increasing need for comprehensive visibility and streamlined remediation processes in the face of growing security challenges.

Veracode Acquires Longbow: Executive Statements

Brian Roche, Chief Product Officer, Veracode, commented:

"Security teams are drowning in alerts that lack sufficient detail on the level of business risk, degree of exploitability of a flaw, and specific code-level insight to keep pace with remediation requirements. As a result, risk continues to accumulate. With the combination of Veracode and Longbow, teams can get a comprehensive view of their risk, automate prioritization of what matters most, and, with Veracode Fix, automate remediation of code security flaws."

Derek Maki, Co-Founder & Chief Product Officer, Longbow, said:

"We founded Longbow with a mission to simplify an increasingly complex application security risk management process and help organizations reduce risk at scale. By joining forces with Veracode, our combined solutions provide unmatched visibility, automation, and remediation capability for security and engineering teams."

Dayne Myers, Co-founder & Chief Executive Officer, Longbow, added:

"This is the perfect fit for Longbow. After careful consideration, we believe that our technology and team align seamlessly with Veracode's vision, making this the best choice for Longbow’s future."

Sam King, Chief Executive Officer, Veracode, said:

"We’re thrilled to welcome Longbow to Veracode and expand our platform capabilities with industry-leading application security posture management for today’s enterprise requirements. The integration of our solutions provides organizations with a holistic application risk management platform that spans code to cloud. Veracode combined with Longbow advances the field of application security and enables customers to secure their increasingly complex application landscape more efficiently."