9.10.07 - Veracode Bolsters Board of Advisors, Adds Three Security Veterans

News & Events

VERACODE BOLSTERS BOARD OF ADVISORS, ADDS THREE SECURITY VETERANS

Burlington, Mass. – September 10, 2007 – Veracode™, provider of the industry’s first on-demand application security review solutions, today announced the appointment of three security veterans to the Veracode Board of Advisors. Recognizing the importance of broad industry support behind developing more secure software, Veracode has enhanced its already notable advisory board by adding three executives with extensive experience in enterprise security and managing operational risk.

These industry experts were selected to guide the Company's solution roadmap, organizational strategy and execution. The new board members include:

• John Meakin, Group Head of Information Security, Standard Chartered Bank
• Paul Simmonds, Chief Information Security Officer, ICI
• Bill Wray, Vice Chairman and Chief Information Officer, Citizens Financial Group, Inc.

John Meakin
John Meakin is a specialist in information systems security with more than 18 years of experience. Since mid-2002, he has led a global information security team at Standard Chartered Bank. He has also provided information security consultancy support to a number of blue-chip clients aimed at improving their systems security and effectiveness. Dr. Meakin was also previously responsible for leading systems security policy and strategy for Reuters, The Royal Bank of Scotland, Swiss Bank Corporation, and the investment-banking arm of Dresdner Bank. Dr. Meakin earned a Ph.D. in Experimental Solid State Physics from Cambridge University.

“Today, only a small percentage of applications in an enterprise inventory are tested regularly for security because testing is expensive and the skilled resources required are not widely available,” Meakin said. “Veracode provides a compelling on-demand business model to cost-effectively test a larger percentage of the entire application inventory. More testing is a necessary response to the increased threats to web-facing and enterprise applications.”

Paul Simmonds
Paul Simmonds joined ICI in 2001 when he was recruited to manage information security for the U.K. chemical company. Simmonds also spent seven years with Motorola, as global information security manager and then CSO with a European web hosting company prior to joining ICI in 2001.
Simmonds was 2005 CSO of the year (SC Magazine European Awards) and listed in 2004 & 2005 global top 50 most powerful people in networking by the U.S. publication Network World Fusion for his work with the Jericho Forum, which he co-founded and currently serves as an elected board member.

“In today’s world, it is essential that enterprises trust the quality of the code being supplied to them,” Simmonds said. “Veracode will provide an on-demand platform that enables distributed business ecosystems to have consistent security across a partner ecosystem to protect their brand.”

Bill Wray
Bill Wray is Vice Chairman and Chief Information Officer at Citizens Financial Group, Inc., and manages the Manufacturing Group, the enterprise technology and operations arm of Citizens. Wray is a member of the Executive Management Committee, the company’s most senior management group. In addition to technology and operations, his banking experience includes senior roles in credit and risk management. Wray also served as an Army officer and worked in commercial real estate investment prior to beginning his banking career at Shawmut Bank in 1990.

“Scanning binaries helps us to fully understand the unknown risk associated with applications,” Wray said. “Veracode’s scanning technology enables deeper analysis of the security of the application and provides organizations with a greater ability to control risk and implement compensating controls.”

“In a market as dynamic as application security, it’s imperative that Veracode work with seasoned executives who bring unique industry perspectives and understand how the security landscape is truly changing,” said Matt Moynahan, president and chief executive officer of Veracode. “The participation of each new member of our advisory board will enhance Veracode’s ability to be a trusted, independent security services provider to the software industry.”

About Veracode
Veracode is the industry’s first provider of automated, on-demand application security solutions. Created by a world-class team of application security experts, the company delivers services to identify software flaws introduced through coding errors or malicious intent. The Veracode SecurityReview™ solution uses patented binary code analysis and dynamic web testing that is uniquely able to inspect entire application inventories, including components, and does not require companies to expose their valuable source code. Enterprises can now protect their intellectual property while preventing attacks allowed by vulnerabilities in applications.

As the most accurate and comprehensive solution available, Veracode makes it simple and cost-effective to implement application security best practices and reduce operational costs related to manual reviews. Whether a company is developing applications internally, purchasing software or integrating code from partners, Veracode SecurityReview provides insight to the security level of software. Outsourcing code analysis to Veracode is the easiest way to secure your software. With a pragmatic approach to application security, Veracode helps you fix what matters most to your business.
For more information about Veracode, please visit www.veracode.com.

PRESS RELEASE ARCHIVE

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade.

With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin.

Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site.