I apologize if this is against the rules, but I think this (in my personal opinion) relevant to cybersecurity professionals. Please remove if not. Some of this is second hand from those were affected. disclosure: I'm a former Veracode employee but was not affected by this layoff.
Just wanted it to be known that there was another large round of layoffs at Veracode and this time was the most dramatic restructuring yet. All of dynamic and SCA products were offshored. Static was also affected by layoffs. Some onshore were moved to a different teams but many were laid off. The replacement offshore were brought on only a few months ago so the institutional knowledge loss is immense. Many prominent engineers and management have left in the last year or so as Veracode has struggled financially.
The reason why I'm posting this is, in my personal opinion, it's potentially dangerous that cybersecurity professionals may rely on Veracode's products for security but may be unaware that those actually making, managing, and maintaining the product are essentially now gone and the keys have been handed over to a brand new inexperienced offshore team.
If you use the product, just be aware of this. I also welcome discussion from other people who have seen this happen and how it did (or did not) actually end up affecting the quality / security of the product.