Author Topic: Veracode Launches World’s First Automated, Subscription-Based Security Service f  (Read 499 times)
RealWire
Veracode Launches World’s First Automated, Subscription-Based Security Service for testing Off-the-shelf Software and Outsourced Code Development

Exciting innovator takes risk out of software procurement and development and delivers the only independent security audit for externally sourced code

Stand F248, Infosecurity Europe, Olympia, London

Infosecurity Europe, Olympia, London – 22 April, 2008 – Veracode, innovator in on-demand application security testing, is launching the world’s first portfolio of subscription-based services to provide organisations with a completely independent view of the risks posed to them by their applications. The Veracode SecurityReview® service presents a major breakthrough by allowing users to obtain a single clear view of security risks right across their applications, whether those applications are purchased as commercial off-the-shelf software or developed offshore.

As part of this new offering Veracode is the first to deliver independent auditing of externally sourced code, a cause of considerable security concern for a growing number of businesses.  By its innovative use of patented technology, Veracode is also the only provider to identify and remedy the security flaws in binary code, the very foundation of all today’s software applications, and thus eliminate the need for an organisation to hand over for test intellectual property represented in source code.

Application security has risen to the top of the agenda for security professionals striving to control their company’s overall risk profile. According to the Computer Emergency Response Team (CERT), more than 7,000 new vulnerabilities were discovered over the last year, with 92 percent of vulnerabilities found in software according to the National Institute of Standards and Technology (NIST). With organisations deploying an increasing number of complex applications – some developed internally, some offshore, some purchased off-the-shelf – the effort needed to manage risk becomes greater. Traditional approaches have focused on conducting costly and time-consuming manual penetration tests or using tools that typically require source code which is not usually available in mixed-code base environments or commercial applications.

“Veracode offers a unique method for testing commercial-off-the-shelf (COTS) software that fills an essential gap in our software security programme enabling a more effective understanding of risk from commercial software along with the information needed to manage this risk with our software vendors,” said Jim Routh, CISO of Depository Trust & Clearing Corporation, who is participating in the panel session “Five keys to effective application security and secure coding” taking place 12:45-14:00 on 22 April within the keynote conference at Infosecurity Europe, Olympia in London.

Rhonda MacLean, Global Information Security Officer, Global Retail and Commercial Banking, Barclays Bank (who is also participating on the panel) further commented on the benefits of the Veracode service:

“In a rapidly changing threat environment, Veracode’s technology and its software-as-a-service model have given us the flexibility to conduct rapid code review cycles, which is an obvious benefit for our customers.”

“Enterprises are increasingly outsourcing the development of their applications and leveraging commercial software to run their business operations, but they cannot outsource the security risk and liability associated with those applications”, said Diana Kelley, Partner at analyst organization SecurityCurve. “Enterprises need effective ways to test and audit the risk associated with COTS and outsourced software when source code isn’t available.”

Based on patented, static binary testing (1) technology and dynamic web scanning (2), Veracode’s SecurityReview is the industry’s first solution specifically designed to overcome the limitations of traditional tools and manual penetration tests:

•   Veracode’s comprehensive portfolio of services covers all testing needs – including internal security reviews, PCI compliance, COTS security audits and outsourced secure code acceptance.

•   Veracode is the only organisation to scan code using automated techniques which mirror the way a machine executes code or a hacker’s approach to attack – accurately assessing the roots of the problem as no other tool can do.

•   It is the only company to offer organisations application code reviews on a software-as-a-service subscription basis (eliminating the need to install or maintain costly software, hardware or train personnel).

•   Veracode helps users keep in lockstep with new threats by leveraging its on-demand security platform, pooling the learning from every scan across all customers.

•   No one else can identify and remedy the security flaws in binary code, the very foundation of all today’s software applications.

•   Veracode is the first provider to help organisations improve their application security without asking them to hand over the intellectual property represented in source code.

•   Veracode alone deals with scanning mixed-code-based applications as it can tackle both dynamic and static testing of code – reducing the FUD (fear, uncertainty and doubt) factor in software procurement.

The Veracode SecurityReview Service Portfolio is now comprised of the following on-demand services:

•   Outsourcing SecurityReview
Provides simple, cost-effective, and automated security audits that ensure enterprises receive secure code from offshore development partners.

•   COTS (Commercial off-the-shelf software) SecurityReview
Helps enterprises and government agencies quantify and manage security risks of commercial off-the-shelf software.

•   SDLC (Software development life cycle) SecurityReview
Enables security teams to conduct security assessments on mission-critical internally developed applications before they ship.

•   PCI SecurityReview
Automates and shortens the process for achieving compliance with the application security requirements of PCI-DSS, Visa PABP and PA-DSS in a simple and cost-effective way.

“With applications being the weakest link in the corporate security chain, organisations are increasingly demanding independent verification and validation of applications as part of their software release and acceptance criteria,” said Matt Moynahan, CEO at Veracode. “With Veracode, customers can now count on a single vendor delivering a comprehensive portfolio of on-demand services that delivers independent security audits for applications whether they are developed, offshore or purchased off-the-shelf.”

Availability

All four SecurityReview services are available immediately. 

(1)  In static binary testing, applications are tested in the same way in which a machine would execute code, using a method similar to the one a hacker would use to attack code.

(2)  Dynamic web scanning is effectively automated penetration testing.

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved.