Why New Relic
Provides software analytics as a service to support DevOps approach through end-to-end application monitoring in a hybrid cloud environment
- Provides real-time insight for faster troubleshooting of performance issues
- Improves the quality of software deployments and guides roadmap decisions
- Helps optimize application performance and cost-effective usage of cloud resources
Identifying and remediating application-layer risk before cyberattackers can exploit it
As protection against the increasing volume and sophistication of cyber-attacks, many of the world’s largest enterprises have turned to Veracode to help them embed security into all phases of the application lifecycle, from software development to pre-release to deployment and operations.
Veracode’s subscription-based offering takes a unique approach to reducing risk from web and mobile applications, whether they’re developed in-house or obtained from third-party and open source developers in the software supply chain. The offering is based on a unified platform for multiple assessment technologies including SAST, DAST, web perimeter monitoring, behavioral analysis and software composition analysis. Open APIs and IDE-level integration make it possible to easily embed automated assessments into existing Agile and DevOps workflows. Centralized policies and metrics enable distributed organizations to implement consistent controls and governance across disparate development teams. The company also offers on-demand remediation coaching services, delivered by world-class security and development experts who help developers understand secure coding practices and remediate vulnerabilities more quickly and efficiently.
“We help our customers build and deploy software faster – without sacrificing security,” says Phil Neray, vice president of product and corporate marketing at Veracode. “Our cloud-based platform has assessed more than 1.5 trillion lines of code and performed 200,000 vulnerability scans on public web-facing applications, for hundreds of the largest enterprises worldwide. It’s critical that our service is always available and delivering fast turnaround times to support our customers’ agile development cycles.”
The performance of Veracode’s platform and the resulting customer experience are top-of-mind for Bill Brown, Veracode’s chief information officer and senior vice president of platform operations. “At Veracode, as in many organizations, the role of CIO is more customer-facing than ever before,” says Brown. “It really became incumbent on me and my team to make sure we have the best tools possible to help us deliver a good customer experience.”
Patrick Hetherton, director of SaaS operations at Veracode, agrees, adding, “Just because the site is up, doesn’t mean that it’s performing well. We would hear things like, ‘It seems to be running a little slowly,’ but we didn’t have the data that showed whether that was true or not or what was causing it.” Hetherton cites the many unknowns his team faced when trying to identify and resolve performance issues as well as the problem of finger pointing across different teams responsible for different parts of the technology stack as core drivers for seeking out a software analytics solution. “New Relic was at the top of our list because it’s purpose built for application performance management and it’s a SaaS platform,” says Brown. “We didn’t want to be encumbered by an internal deployment.”
“New Relic was at the top of our list because it’s purpose built for application performance management and it’s a SaaS platform. We didn’t want to be encumbered by an internal deployment."
Visualizing all the data in a single pane of glass
Veracode deployed New Relic® Software Analytics Cloud to monitor its customer-facing platform as well as internal business systems. “Our engineers love having all the application data in a single pane of glass,” says Hetherton. While Veracode originally started using New Relic for troubleshooting performance issues after deployment, the company quickly expanded usage to pre-deployment and quality assurance as well. Today, Veracode relies on New Relic APM™, New Relic Browser™, New Relic Insight™, New Relic Server™, and New Relic Synthetics™ across its entire environment, including development, pre-production, and production, both on premise and in the cloud.
New Relic also helps the Veracode customer support team be proactive when there is a performance issue in production. “If we get an alert based on certain thresholds we set in New Relic, we can provide that information to customer support so the team is immediately aware of the issue and can proactively work with any customers impacted,” says Hetherton.
Another area where New Relic shines is in helping Veracode make the best use of public cloud resources as part of its hybrid infrastructure. “Amazon Web Services give us burst capability,” says Hetherton. “We use New Relic and the data we get from Amazon Web Services to get a full picture of application health and performance in the cloud. Plus the insight we get from New Relic helps us be cost-effective with our cloud usage.” Neray explains that as Veracode migrates services to the public cloud, it takes advantage of New Relic to identify any performance changes. “New Relic helps us scale our service to support the massive number of applications our customers need to scan, while maintaining performance and availability,” says Neray.
“We use New Relic and the data we get from Amazon Web Services to get a full picture of application health and performance in the cloud. Plus the insight we get from New Relic helps us be cost-effective with our cloud usage.”
Looking forward to Monday mornings
Hetherton credits the information available in New Relic with helping Veracode reach a more mature stage with its DevOps approach. “As we add new features to our systems, New Relic helps us make sure that the customer experience and platform performance are improving,” says Hetherton. “We can run a simple report that tells us how we are doing compared to the previous release. We check everything from error rates to key transactions to make sure they are getting better.”
The insight from New Relic allows Veracode to make informed business decisions about where it needs to invest its resources. From learning which browser versions Veracode can deprecate, to understanding which customers are using what type of report, New Relic helps Veracode “pinpoint exactly where we’re going to have the biggest impact with our efforts,” according to Hetherton. He adds: “For instance, we can now see which capabilities customers are using, how often they are using them, and which geographies they are in.”
New Relic has even made Monday mornings something to look forward to for Veracode’s CIO. “I appreciate the reports I get from New Relic on Monday mornings because they give me a good snapshot of what happened during the past week and visibility into any trends that we need to act on,” says Brown. “The insight I get from New Relic gives me confidence that the team is responding to critical alerts when we get them and being proactive about delivering a good customer experience.”
“Our cloud-based platform has assessed more than 1.5 trillion lines of code and performed 200,000 vulnerability scans on public webfacing applications, for hundreds of the largest enterprises worldwide. It’s critical that our service is always available and delivering fast turnaround times to support our customers’ agile development cycles.”