Application security company Veracode has entered the Australian and New Zealand market through a new agreement with Nextgen Distribution.
The company’s technology scans a developer’s code to look for and mitigate vulnerabilities in the application before it is deployed.
Founded in 2006, the company was bought by CA Technologies in 2017 and then sold to private equity firm Thoma Bravo in 2018 following Broadcom’s acquisition of CA.
Veracode vice president global channels and alliances Leslie Bois told CRN that the new ownership gave the company the authority and the imperative to expand into new regions with a channel only model.
“We spent the last two years testing this model and seeing how this was going to work and had phenomenal growth over the past couple of years with just a couple of resources,” she said.
Bois said this process involved starting relationships with some key distributors and going out through their partner networks to try and understand how it could enable these companies to enter the application security space.
“It very quickly became apparent that we needed to be here [in APAC] and so we have invested quite a bit over the last year in additional resources,” Bois said.
As part of its local strategy, the company has employed two personnel in Australia and two in Singapore as well as standing up a services division in its Singapore offices. Bois said the company will add additional resources in the coming year.
Veracode security program analyst Jill Foley works in what the company calls its services group and will be moving to Melbourne to lead the vendor’s partner enablement drive.
Foley’s main role will be to support and train partners to be able to deliver services locally. As part of this, the company will work with Nextgen to develop the distributor’s training capability and in turn, that of partners.
This is a similar strategy the company has used in Latin America which Bois said had been quite successful.
“The key for us is to grow by developing those key capabilities with partners,” she said.
Foley’s main task will be to work in tandem with partners to deliver services but eventually take a backseat to the partner as they skill up.
Veracode’s current partner base consists of a wide array of specialties and Bois said the company wants to keep this mix in the local region.
“We have an array of partners. Some are heavy in Dev, which is great because you need Dev at the table to have a successful customer, or security,” she said.
“Our job is to bridge the gap between Dev and security and we have had very good success with both types of partners.”
The vendor is also interested in bringing MSPs into the fold according to Bois and this is due to the skill gap in application security across all end user organisations, even at the enterprise level.
From a customer perspective, Bois said Veracode operates on a “land and expand model” where the customer will use the technology on one project in what is essentially a proof of concept. If this deployment is successful, Veracode will look to expand into other projects the customer is working on. She said the company has seen a thirty percent expansion rate using this model.
Nextgen director of growth Gavin Lawless said the distributor was already a significant player in the application space.
“Partnering with Veracode brings in this level of security which is critical to our partners.
“There are a number of partners out there which play in the security space but this is just not what they do. For us it brings another element to our business. As we grow and as we offer more to market this is a key component for us.
“We are not talking about [onboarding] dozens and dozens of partners. It is a specific play for a specific set of partners who operate in the space.
Lawless added that so far the response from its channel has been very positive.
“The fact that you have a vendor in the market which is not competing with you on services either is a fantastic message. Getting that type of partner who gets that message and wants to invest is what we are helping Veracode do,” he added.