9.24.07 - Veracode Talk on Application Security for Internally Developed & Third-Party

News & Events

Veracode to Deliver Talk on Application Security for Internally Developed and Third-Party Software

WHO: Chris Wysopal, Founder and CTO, Veracode, Inc.

WHAT: Showcase Ontario 2007

WHEN: Tuesday, September 25, 2:30 pm – 4:00 pm EST

WHERE: Metro Toronto Convention Centre
South Building, 222 Bremner Boulevard,
Toronto, Ontario M5V 3L9, Canada

For more information, please visit Showcase Ontario 2007.

DESCRIPTION: “Software Assurance – Solving the Application Security Challenge for Internally Developed and 3rd Party Software”

Whether you are buying or building software, it is imperative that the security of the software can be validated in a timely and accurate manner to properly assess the risk and potential impact to your organization.

Government and large enterprises are similar in that they both require assistance in the following areas:

• Assessing the security of Commercial Off The Shelf (COTS) software where source code is unavailable
• Analyzing internally developed software for security quality
• Evaluating the security of code developed offshore
• Reviewing software as part of a Request for Proposal (RFP) procurement process

In his presentation, Veracode Founder and CTO Chris Wysopal will discuss how to create an independent application security testing program that effectively automates and manages the operational risk of internally developed applications, as well as externally procured applications and components.

ABOUT VERACODE

Veracode is the industry’s first provider of automated, on-demand application security solutions. Created by a world-class team of application security experts, the company delivers services to identify software flaws introduced through coding errors or malicious intent. Veracode’s core service, SecurityReview® uses patented binary code analysis and dynamic web testing that is uniquely able to inspect entire application inventories, including components, and does not require companies to expose their valuable source code. Enterprises can now protect their intellectual property while preventing attacks allowed by vulnerabilities in applications.

As the most accurate and comprehensive solution, Veracode makes it simple and cost-effective to implement application security best practices and reduce operational costs related to manual reviews. Whether a company is developing applications internally, purchasing software or integrating code from partners, Veracode’s SecurityReview provides insight to the security level of your applications. Outsourcing code analysis to Veracode is the easiest way to secure your software. With a pragmatic approach to application security, Veracode helps you fix what matters most to your business.

Visit www.veracode.com for more information.

Media Contacts:
Jim Crook
Lois Paul & Partners
781-782-5734
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

PRESS RELEASE ARCHIVE

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade.

With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin.

Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site.