9.10.07 Veracode Founder and CTO to Keynote on Software Security Testing

News & Events

Veracode Founder and CTO Chris Wysopal to Deliver Keynote on Software Security Testing

WHO:   Chris Wysopal, Founder and CTO, Veracode, Inc.

WHAT:   Practical Software Quality and Testing Conference

WHEN: Wednesday, September 12th, from 8:15 a.m. - 9:15 a.m. CDT

WHERE:  Radisson Hotel & Conference Center
                 3131 Campus Drive
                 Plymouth, MN 55441

Visit the PSQT Conference for more information.

DESCRIPTION: When it comes to prioritizing software security testing, most people don’t know where to begin. Chris Wysopal will explain why it is important to use a risk-based approach in order to effectively test security. Given the large number of vulnerabilities that needs to be prevented, the number of test cases rises quickly. To perform successful security testing, prioritization is paramount.

The keynote will illustrate white box and black box analysis techniques coupled with threat modeling to discover the highest risk threats. Attendees will learn how to focus testing on areas that are most likely to be attacked and on the vulnerabilities that will have the highest impact.

ABOUT VERACODE
Veracode is the industry’s first provider of automated, on-demand application security solutions. Created by a world-class team of application security experts, the company delivers services to identify software flaws introduced through coding errors or malicious intent. Veracode’s core service, SecurityReview uses patented binary code analysis and dynamic web testing that is uniquely able to inspect entire application inventories, including components, and does not require companies to expose their valuable source code. Enterprises can now protect their intellectual property while preventing attacks allowed by vulnerabilities in applications.

As the most accurate and comprehensive solution, Veracode makes it simple and cost-effective to implement application security best practices and reduce operational costs related to manual reviews. Whether a company is developing applications internally, purchasing software or integrating code from partners, Veracode’s SecurityReview provides insight to the security level of your applications. Outsourcing code analysis to Veracode is the easiest way to secure your software. With a pragmatic approach to application security, Veracode helps you fix what matters most to your business.

Visit www.veracode.com for more information on Veracode.

Media Contact:
Jim Crook
Lois Paul & Partners
781-782-5734
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

PRESS RELEASE ARCHIVE

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade.

With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin.

Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site.