One of the Boston area’s most intriguing tech companies operates in a danger zone. The software security danger zone, that is. To give a sense of what we’re talking about here, national security expert Richard Clarke is on its board of directors.
Yes, the trajectory of Veracode could play a big role in the future of how software applications get secured—and how cyber warfare is waged. And conversely, the proliferation of Web and mobile apps—and the increasing seriousness of cyber attacks—could mean big business for Veracode.
The Burlington, MA-based company started in 2006 and has raised $74 million from investors including Atlas Venture, Polaris Ventures, .406 Ventures, and Symantec. That puts Veracode in the top 10 biggest VC-backed technology bets around Boston.
Right now, that bet looks like it could pay off. Veracode, which has some 225 employees, expects to bring in $36-39 million in revenue this year. Its sales are growing by more than 75 percent year-over-year. And it says it’s just getting started.
Just over a year ago, the company brought in a new CEO: Bob Brennan, the former chief executive of data management firm Iron Mountain (NYSE: [[ticker:IRM]]). Brennan took over from chairperson and interim chief Maria Cirino, who succeeded founding CEO Matt Moynahan earlier in 2011.
Brennan has a very interesting background. The New York City native (but longtime Bostonian) ran American Internet Services in the mid-1990s, sold it to Cisco in 1998, and served as a vice president and general manager at the networking giant for two years. From there, he joined Connected, a PC data protection company that was bought by Iron Mountain in 2004 (more on that below). Brennan served as president and chief operating officer and worked his way up to CEO in 2008.
Last month, I had a chance to sit down with Brennan at Veracode’s headquarters. In a wide-ranging interview, he talked about how the application security industry is approaching a tipping point; how Veracode’s technology and strategy differ from its competitors; and also some interesting leadership issues around hiring, culture, and psychology.
Here’s an edited transcript of our chat:
Xconomy: Before we get to Veracode, how did you end up at Iron Mountain?
Bob Brennan: I was working on an acquisition for Cisco when my PC died. It was a moment of metaphysical terror. The IT guys said, ‘No, no, it’s backed up.’ But I hadn’t been backing it up. It did it automatically with this product called Connected. I thought it was amazing that I got all my stuff back, including the details on this acquisition. I realized that I wanted to be in charge of something more fully. I knew some of the investors in Connected, met with them, and became CEO.
We had the company going public, and it really wasn’t ready to go public. And the markets were cresting, it was the spring of 2000. So we went about building that company the old-fashioned way, ultimately selling it to Iron Mountain in 2004.
X: So why did you join Veracode?
BB: I fell in love with Veracode because every corporation needs the service that we provide—which is essentially to secure their application layer. There were very committed investors, tremendous talent here, and a large expanding market opportunity. And the opportunity for Veracode to be an independent third party that made the technology industry a better industry. So that software vendors were developing more secure code, and corporations were buying more secure code. And that we could be in the middle of all that, and potentially build a large independent company in Boston. So I was a sucker for all that.
X: Tell me about the big problem you’re trying to solve here.
BB: Our customers are the largest corporations in the world. In today’s day and age there’s a need for speed. That has produced
