Veracode Acquires Phylum

Veracode, a Burlington, MA-based company which specializes in application risk management, acquired the technology of Phylum, an Evergreen, CO-based malicious package analysis, detection, and mitigation technology company.

The amount of the deal was not disclosed.

The acquisition will enhance Veracode’s ability to identify and block malicious code in open-source libraries, marking continued investment in its software supply chain risk management capabilities.

Led by Aaron Bray, CEO, Phylum provides a malicious package database and a package management firewall that will be integrated into Veracode’s SCA product, with general availability expected early this year.

Veracode specializes in application risk management for the AI era. Empowered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, its platform is used by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Development and security teams use it to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale.

Veracode is a company offering capabilities to secure the entire software development life cycle, including Veracode Fix, static analysis, dynamic analysis, software composition analysis, container security, application security posture management, and penetration testing.