4.22.08 Veracode CEO Asks Tough Questions About the State of Software Security at Infosecurity

News & Events

Veracode CEO Asks Tough Questions About the State of Software Security at Infosecurity Europe 2008

Who:	Matt Moynahan, CEO, Veracode, Inc.
When:	April 24, 2008 10:00 AM GMT
Where:	Infosecurity Europe Grand Hall, Olympia London, UK
Description:	Matthew Moynahan, CEO, Veracode, will be joined by Paul Simmonds, Chief Information Security Officer, ICI to examine the €157 billion software industry and its lack of any universal standard for measuring and evaluating the security of a software application before it is purchased. Together they ask: What would it be like if companies could determine the security before purchase? In this joint presentation, Moynahan and Simmonds will discuss why objective security tests on applications before purchase have not been feasible to date and will explore the changes in the industry that are making this possible today. They will discuss how the software industry can learn from the automotive industry and use industry-standard tests to determine the security of software before it is purchased and deployed.

About Veracode

Veracode is the world’s leader for on-demand application security testing solutions. Veracode SecurityReview is the industry’s first solution to use patented binary code analysis and dynamic web analysis to uniquely assess any application security threats, including vulnerabilities and malicious code. SecurityReview performs the only complete and independent security audit across any internally developed applications, third-party commercial off-the-shelf software and offshore code without exposing a company’s source code. Delivered as an on-demand service, Veracode delivers the simplest and most-cost effective way to implement security best practices, reduce operational cost and achieve compliance without requiring any hardware, software or training.

Veracode has established a position as the market visionary and leader with awards that include recognition as a Gartner “Cool Vendor” 2008, Info Security Product Guide’s “Tomorrow’s Technology Today Award 2008,” Information Security “Readers’ Choice Award 2008,” AlwaysOn's "Northeast Top 100 Private Company 2008", NetworkWorld “Top 10 Security Company to Watch 2007,” and Dark Reading’s “Top 10 Hot Security Startups 2007.”

Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas Venture and Polaris Venture Partners. For more information, visit www.veracode.com.

Contacts:
Jim Crook
Lois Paul & Partners
781.782.5734
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade.

With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin.

Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site and on the Veracode Blog.