Home > News > Top Stories > Veracode Secures StateRAMP Authorization to Protect State and Local Cybersecurity

Emerging Technology, Cybersecurity

Veracode Secures StateRAMP Authorization to Protect State and Local Cybersecurity

Veracode Secures StateRAMP Authorization to Protect State and Local Cybersecurity

Veracode, a leading provider of intelligent software security solutions, today announced its attainment of State Risk and Authorization Management Program (StateRAMP).

StateRAMP offers state and local government agencies a standardized approach toward compliance to help them improve their overall security posture. Veracode obtained FedRAMP authorization in July 2022, and this week’s authorization by StateRAMP reaffirms the company’s commitment to deliver cloud-based application security software to agencies at all levels of government—federal, state, and local.

“High-profile attacks and vulnerabilities are significantly impacting the software supply chain across industries, and state and local government is no different,” said Claire Bailey, Regional Vice President of Governmental Affairs at Veracode. “Agencies need capabilities that allow them to protect the application layer. This authorization enables Veracode to support evolving state and local government security requirements. We look forward to assisting the StateRAMP mission of improving the cyber posture of public institutions and the citizens they serve.”

Veracode’s intelligent software security platform provides comprehensive application-layer protection to reduce risk in today’s dynamic threat environment. The platform supports a range of current and emerging cybersecurity requirements and best practices, including:

Securing the software supply chain through capabilities such as the generation of a Software Bills of Materials (SBOM), which provides visibility into the open-source code components that are contained in a software product Integrating security into software development from the beginning of the process (‘shifting left’) Providing a developer-friendly user experience to integrate security into the software development life cycle Supporting cloud-native development and managing risk across the application portfolio Uniting security and development teams to address cybersecurity challenges

The StateRAMP authorization enables Veracode to support state and local agencies’ cybersecurity initiatives at a time of increased risk. A shortage of skilled IT security professionals has depleted the security teams of many state agencies, and Chief Information Security Officers report risks arising from persistent malware, ransomware, and phishing attempts, according to a recent National Association of State Chief Information Officers (NASCIO) survey.

Veracode’s recent State of Software Security 2023 report revealed that, over the last 12 months, more than 74 percent of applications contained at least one security flaw. Due to variation in the types of flaws that compromise application security, security teams should use a variety of scan types to discover elusive flaws.

Bailey added, “Security teams should have confidence in the options available to secure their cyber infrastructure and make their digital landscape a safer place overall. StateRAMP makes this goal much more attainable for state and local agencies. Veracode’s platform provides a single view of an organization’s security posture and compliance via powerful reporting and analytics, restoring confidence in the digital infrastructure of agencies.”

State and local agencies can access Veracode’s comprehensive software security platform—including static analysis, software composition analysis (SCA), dynamic analysis, pipeline scanning, eLearning, container scanning, API scanning, and infrastructure as code (IaC) scanning—on the StateRAMP Marketplace.

About Veracode

Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means.

Spotlight

More featured news

Spotlight

Related News

Emerging Technology

CGI's Sunflower asset management cloud solution receives FedRAMP approval

PR Newswire | January 24, 2024

CGI Federal Inc., the wholly-owned U.S. operating subsidiary of CGI Inc., today announced that its Sunflower asset management cloud solution has received approval from FedRAMP, certifying CGI's cloud-based, software-as-a-service (SaaS) solution for use across federal government agencies in the U.S. CGI's Sunflower cloud solution is a proven, built-for-federal capability that enables management of client property, including federal property, personal property and IT assets. Currently enabling management of 4.2 million client assets at over 75 federal entities, Sunflower asset management solutions provide clients with improved efficiency, software standardization and predictable costs, balancing client needs for flexibility and functionality. Many of the agencies currently using Sunflower today have authority to operate in cloud infrastructure environments. "For federal asset and financial managers confronting the challenges posed by cybersecurity, cloud modernization and digital transformation, Sunflower empowers organizations to improve decision-making, accountability and transparency," said John B. Owens II, Senior Vice President Consulting Delivery, Federal Solutions Group, CGI. "Sunflower's listing as a FedRAMP-approved solution provides federal IT decisionmakers with additional confidence that CGI cloud technologies meet the highest security and compliance standards for mission-critical government entities." FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. As one of the most stringent compliance processes an IT provider can undertake, FedRAMP includes an in-depth examination of a solution's data security and data governance capabilities, as well as the security practices of its cloud services. About CGI Federal CGI Federal Inc., a wholly-owned U.S. operating subsidiary of CGI Inc., is dedicated to partnering with federal agencies to provide solutions for defense, civilian, healthcare, justice, intelligence, and international affairs missions. Founded in 1976, CGI Inc. is among the largest independent IT and business consulting services firms in the world. With 91,500 consultants and professionals across the globe, CGI Inc. delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI Inc. works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Inc. Fiscal 2023 reported revenue is C$14.30 billion and CGI Inc.

Read More

Emerging Technology

Thentia now working with AWS to drive innovation in the public sector

PR Newswire | January 20, 2024

Thentia, a leading innovator in regulatory technology, is pleased to announce that it is now working with Amazon Web Services (AWS) to drive continued innovation in the public sector. Thentia is empowering regulators to seamlessly tap into the company's comprehensive regulatory assurance Software-as-a-Service (SaaS) platform, Thentia Cloud, powered by AWS, fortifying the landscape of regulatory oversight. "We are thrilled to be working with AWS as we persist in our commitment to deliver an enhanced experience for government agencies and regulatory entities globally." says Julian Cardarelli, CEO, Thentia. "By leveraging the power of AWS, we solidify our position as a clear leader and a versatile multi-cloud provider in our category, affirming our commitment to ongoing excellence." Cardarelli adds, "With our world-class, fully integrated regulatory assurance platform now accessible on AWS, we strengthen our commitment to empower the public sector with sophisticated tools for unparalleled efficiency in fulfilling their mandate of public protection." Other key benefits of Thentia's relationship with AWS include working with AWS engineers and architects to optimize Thentia Cloud's performance, security, compliance, and reliability. Partnering with AWS also helps ensure that Thentia Cloud remains at the forefront of the latest advances in cloud computing. Designed for regulators by regulators, Thentia Cloud digitizes, streamlines, and consolidates all essential regulatory functions within a single and secure cloud-based environment. The platform is designed to empower regulators with a comprehensive 360-degree view of all licensee activities, giving them a much more modern, streamlined, and efficient way to work and ultimately meet their regulatory obligation to safeguard the public. Trusted by millions of licensed professionals, businesses, and entities globally, Thentia has been recognized by regulators worldwide for its enhanced blend of technological innovation and regulatory proficiency. In addition to AWS, Thentia Cloud is available on other cloud providers including Google Cloud, IBM Cloud, and Microsoft Azure. About Thentia Thoughtfully built for regulators, by regulators, Thentia is driving regulatory transformation for hundreds of regulators and regulatory agencies worldwide with a platform that handles all key department functions including licensing, investigations, enforcement, fitness to practise, quality assurance, scope of practise, continuing education, board management, data analysis, and more. Thentia Cloud empowers regulators to transcend the constraints of legacy processes, custom-built solutions, and a web of disparate applications with a single unified 360-degree platform, setting new standards in efficiency and effectiveness. Thentia Cloud is available on all major cloud providers, including Google Cloud, Amazon Web Services (AWS), IBM Cloud, and Microsoft Azure.

Read More

Emerging Technology

Domino Data Lab Lends AI Expertise to Atlantic Council's Commission on Software-Defined Warfare

PR Newswire | January 23, 2024

Domino Data Lab, provider of the leading Enterprise AI platform trusted by over 20% of the Fortune 100, today announced it has joined the Atlantic Council's newly-formed Commission on Software-Defined Warfare, where Domino President of Public Sector Joel Meyer will represent the company to help ensure the U.S. and its allies can effectively leverage software, particularly AI platforms at scale, to enhance defense capabilities. Co-chaired by 27th U.S. Secretary of Defense Mark T. Esper, Former Acting Deputy Secretary of Defense Christine Fox, and President of Purdue University Mung Chiang, the Commission will develop a framework to enhance U.S. and allied forces through emergent digital capabilities. The commission will leverage insights from a prestigious and diverse group of subject matter experts, including former government officials, and industry leaders who will offer a wealth of valuable perspectives. The continued proliferation of advanced commercial technology, including infrastructure and tooling to support artificial intelligence, is transforming the battlefield and changing its dynamics in ways that could alter existing military balances of power. Meyer will work with the Commission to help recognize and recommend scalable, governable, and cost-effective AI approaches and solutions to ensure U.S. competitiveness amidst this paradigm shift. "To ensure the U.S. maintains its global leadership in today's technology-driven security environment, the DoD must modernize its approach to acquiring and leveraging digital capabilities," said Meyer. "I'm honored to assist the Atlantic Council's critical work to enable the DoD to leverage responsible AI-driven capabilities for data-driven decisions at the speed of battle, and support our long-term national security." This new commission is the latest of the Atlantic Council's efforts to recommend modern software practices the DoD can implement to optimize or improve defense capabilities. "Cutting-edge technology companies like Domino are crucial to closing the yawning gap in current capabilities for advancing national defense," said Stephen Rodriguez, commission director and senior advisor, at the Atlantic Council's Scowcroft Center for Strategy and Security and its Forward Defense program. "The expertise that Joel Meyer brings from his prior senior national security and technology roles will help cement the Commission's ability to drive change that supports American and allied security." The Commission's work will culminate in a framework for the U.S. legislative and executive branches, defense prime contractors and tech start-ups, and U.S. allies and partners to holistically approach software capability development and integration with military hardware. Domino for Government: Secure & Governed Mission-Driven AI Domino's Enterprise AI and MLOps Platform helps government agencies integrate AI into their missions rapidly, safely, and cost-effectively. Domino makes it easy for federal agencies to build, deploy, and manage AI at scale, on a unified platform without risking their AI intellectual property. Agency data scientists, contractors, and collaborators can securely access on-demand compute infrastructure and their choice of commercial and open-source data, tools, models, and projects—across any on-prem, GovCloud, and hybrid/multi-cloud environments. With Domino, agencies can improve collaboration and governance while establishing AI standards and best practices that accelerate their missions. "The DoD needs to continue to accelerate the integration of artificial intelligence into its mission sets to more effectively deter, deny, and if necessary, defeat our nation's adversaries," said Brigadier General and Domino advisor Bobby Kinney. "Domino's open, API-driven architecture ensures flexibility and freedom for users while offering control and built-in governance for platform and security owners — a critical role in how the DoD and its allies and partners modernize in the scaling of much-needed AI tooling and infrastructure." About Domino Data Lab Domino Data Lab empowers the largest AI-driven enterprises to build and operate AI at scale. Domino's Enterprise AI platform unifies the flexibility AI teams want with the visibility and control the enterprise requires. Domino enables a repeatable and agile ML lifecycle for faster, responsible AI impact with lower costs. With Domino, global enterprises can develop better medicines, grow more productive crops, develop more competitive products, and more. Founded in 2013, Domino is backed by Sequoia Capital, Coatue Management, NVIDIA, Snowflake, and other leading investors.

Read More

Emerging Technology

CGI's Sunflower asset management cloud solution receives FedRAMP approval

PR Newswire | January 24, 2024

CGI Federal Inc., the wholly-owned U.S. operating subsidiary of CGI Inc., today announced that its Sunflower asset management cloud solution has received approval from FedRAMP, certifying CGI's cloud-based, software-as-a-service (SaaS) solution for use across federal government agencies in the U.S. CGI's Sunflower cloud solution is a proven, built-for-federal capability that enables management of client property, including federal property, personal property and IT assets. Currently enabling management of 4.2 million client assets at over 75 federal entities, Sunflower asset management solutions provide clients with improved efficiency, software standardization and predictable costs, balancing client needs for flexibility and functionality. Many of the agencies currently using Sunflower today have authority to operate in cloud infrastructure environments. "For federal asset and financial managers confronting the challenges posed by cybersecurity, cloud modernization and digital transformation, Sunflower empowers organizations to improve decision-making, accountability and transparency," said John B. Owens II, Senior Vice President Consulting Delivery, Federal Solutions Group, CGI. "Sunflower's listing as a FedRAMP-approved solution provides federal IT decisionmakers with additional confidence that CGI cloud technologies meet the highest security and compliance standards for mission-critical government entities." FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. As one of the most stringent compliance processes an IT provider can undertake, FedRAMP includes an in-depth examination of a solution's data security and data governance capabilities, as well as the security practices of its cloud services. About CGI Federal CGI Federal Inc., a wholly-owned U.S. operating subsidiary of CGI Inc., is dedicated to partnering with federal agencies to provide solutions for defense, civilian, healthcare, justice, intelligence, and international affairs missions. Founded in 1976, CGI Inc. is among the largest independent IT and business consulting services firms in the world. With 91,500 consultants and professionals across the globe, CGI Inc. delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI Inc. works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Inc. Fiscal 2023 reported revenue is C$14.30 billion and CGI Inc.

Read More

Emerging Technology

Thentia now working with AWS to drive innovation in the public sector

PR Newswire | January 20, 2024

Thentia, a leading innovator in regulatory technology, is pleased to announce that it is now working with Amazon Web Services (AWS) to drive continued innovation in the public sector. Thentia is empowering regulators to seamlessly tap into the company's comprehensive regulatory assurance Software-as-a-Service (SaaS) platform, Thentia Cloud, powered by AWS, fortifying the landscape of regulatory oversight. "We are thrilled to be working with AWS as we persist in our commitment to deliver an enhanced experience for government agencies and regulatory entities globally." says Julian Cardarelli, CEO, Thentia. "By leveraging the power of AWS, we solidify our position as a clear leader and a versatile multi-cloud provider in our category, affirming our commitment to ongoing excellence." Cardarelli adds, "With our world-class, fully integrated regulatory assurance platform now accessible on AWS, we strengthen our commitment to empower the public sector with sophisticated tools for unparalleled efficiency in fulfilling their mandate of public protection." Other key benefits of Thentia's relationship with AWS include working with AWS engineers and architects to optimize Thentia Cloud's performance, security, compliance, and reliability. Partnering with AWS also helps ensure that Thentia Cloud remains at the forefront of the latest advances in cloud computing. Designed for regulators by regulators, Thentia Cloud digitizes, streamlines, and consolidates all essential regulatory functions within a single and secure cloud-based environment. The platform is designed to empower regulators with a comprehensive 360-degree view of all licensee activities, giving them a much more modern, streamlined, and efficient way to work and ultimately meet their regulatory obligation to safeguard the public. Trusted by millions of licensed professionals, businesses, and entities globally, Thentia has been recognized by regulators worldwide for its enhanced blend of technological innovation and regulatory proficiency. In addition to AWS, Thentia Cloud is available on other cloud providers including Google Cloud, IBM Cloud, and Microsoft Azure. About Thentia Thoughtfully built for regulators, by regulators, Thentia is driving regulatory transformation for hundreds of regulators and regulatory agencies worldwide with a platform that handles all key department functions including licensing, investigations, enforcement, fitness to practise, quality assurance, scope of practise, continuing education, board management, data analysis, and more. Thentia Cloud empowers regulators to transcend the constraints of legacy processes, custom-built solutions, and a web of disparate applications with a single unified 360-degree platform, setting new standards in efficiency and effectiveness. Thentia Cloud is available on all major cloud providers, including Google Cloud, Amazon Web Services (AWS), IBM Cloud, and Microsoft Azure.

Read More

Emerging Technology

Domino Data Lab Lends AI Expertise to Atlantic Council's Commission on Software-Defined Warfare

PR Newswire | January 23, 2024

Domino Data Lab, provider of the leading Enterprise AI platform trusted by over 20% of the Fortune 100, today announced it has joined the Atlantic Council's newly-formed Commission on Software-Defined Warfare, where Domino President of Public Sector Joel Meyer will represent the company to help ensure the U.S. and its allies can effectively leverage software, particularly AI platforms at scale, to enhance defense capabilities. Co-chaired by 27th U.S. Secretary of Defense Mark T. Esper, Former Acting Deputy Secretary of Defense Christine Fox, and President of Purdue University Mung Chiang, the Commission will develop a framework to enhance U.S. and allied forces through emergent digital capabilities. The commission will leverage insights from a prestigious and diverse group of subject matter experts, including former government officials, and industry leaders who will offer a wealth of valuable perspectives. The continued proliferation of advanced commercial technology, including infrastructure and tooling to support artificial intelligence, is transforming the battlefield and changing its dynamics in ways that could alter existing military balances of power. Meyer will work with the Commission to help recognize and recommend scalable, governable, and cost-effective AI approaches and solutions to ensure U.S. competitiveness amidst this paradigm shift. "To ensure the U.S. maintains its global leadership in today's technology-driven security environment, the DoD must modernize its approach to acquiring and leveraging digital capabilities," said Meyer. "I'm honored to assist the Atlantic Council's critical work to enable the DoD to leverage responsible AI-driven capabilities for data-driven decisions at the speed of battle, and support our long-term national security." This new commission is the latest of the Atlantic Council's efforts to recommend modern software practices the DoD can implement to optimize or improve defense capabilities. "Cutting-edge technology companies like Domino are crucial to closing the yawning gap in current capabilities for advancing national defense," said Stephen Rodriguez, commission director and senior advisor, at the Atlantic Council's Scowcroft Center for Strategy and Security and its Forward Defense program. "The expertise that Joel Meyer brings from his prior senior national security and technology roles will help cement the Commission's ability to drive change that supports American and allied security." The Commission's work will culminate in a framework for the U.S. legislative and executive branches, defense prime contractors and tech start-ups, and U.S. allies and partners to holistically approach software capability development and integration with military hardware. Domino for Government: Secure & Governed Mission-Driven AI Domino's Enterprise AI and MLOps Platform helps government agencies integrate AI into their missions rapidly, safely, and cost-effectively. Domino makes it easy for federal agencies to build, deploy, and manage AI at scale, on a unified platform without risking their AI intellectual property. Agency data scientists, contractors, and collaborators can securely access on-demand compute infrastructure and their choice of commercial and open-source data, tools, models, and projects—across any on-prem, GovCloud, and hybrid/multi-cloud environments. With Domino, agencies can improve collaboration and governance while establishing AI standards and best practices that accelerate their missions. "The DoD needs to continue to accelerate the integration of artificial intelligence into its mission sets to more effectively deter, deny, and if necessary, defeat our nation's adversaries," said Brigadier General and Domino advisor Bobby Kinney. "Domino's open, API-driven architecture ensures flexibility and freedom for users while offering control and built-in governance for platform and security owners — a critical role in how the DoD and its allies and partners modernize in the scaling of much-needed AI tooling and infrastructure." About Domino Data Lab Domino Data Lab empowers the largest AI-driven enterprises to build and operate AI at scale. Domino's Enterprise AI platform unifies the flexibility AI teams want with the visibility and control the enterprise requires. Domino enables a repeatable and agile ML lifecycle for faster, responsible AI impact with lower costs. With Domino, global enterprises can develop better medicines, grow more productive crops, develop more competitive products, and more. Founded in 2013, Domino is backed by Sequoia Capital, Coatue Management, NVIDIA, Snowflake, and other leading investors.

Read More

More featured news