Ratings

VerAfied Software Assurance

The VerAfied security mark is quality indicator for the security level of applications and software components. Veracode’s ratings are completely transparent and based on industry accepted standards for software assessment from NIST, CWE and CVSS against vulnerability benchmarks such as the OWASP Top 10 and CWE-SANS Top 25.

The VerAfied mark signifies that an application has received an independent application risk management assessment from Veracode and the provider has resolved or mitigated any vulnerabilities identified. Due to the nature of software security testing, no organization can guarantee that the lack of discoverable flaws means their software is completely secure. However, through rigorous independent testing using Veracode’s automated static binary analysis, automated dynamic web vulnerability scanning, enhanced dynamic analysis testing, and/or manual penetration analysis these organizations have utilized the most widely accepted and comprehensive methods available to secure their software.

The following vendors and products have been assessed by Veracode and have received the VerAfied mark for software security.

	HID Global naviGO v1.37	naviGO is a cost-effective solution that simplifies deployment of strong authentication. View Details

	Mimecast Services for Exchange v1.0	Mimecast delivers SaaS-based enterprise email management including archiving, discovery, continuity, security and policy. View Details

	MedMatics CoaguTrak®	CoaguTrak is a web-based application designed to help deliver superior care for patients on a Coumadin treatment. View Details

	PlaSec Collaboration Platform 1.9	The PlaSec Collaborative Platform enables convergence between physical access and native IT security applications resulting in a greatly simplified and cost-effective solution. View Details

	LiveLOOK v2.0.0.3	LiveLOOK is an instant screen sharing company. LiveLOOK CoBrowse allows for an instant visual link between consumers and agents. LiveLOOK’s patent-pending technology works on Windows, Mac and Linux with any web browser, and requires no software downloads for either consumers or agents. View Details

	Apache Solr Version 1.3.0	Solr is an open source enterprise search server based on the Lucene Java search library, with XML/HTTP and JSON APIs, hit highlighting, faceted search, caching, replication, and a web administration interface. View Details

	OpenVPN v2.0.9	OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load-balancing, failover, and fine-grained access-controls. View Details

	Sendmail MTA v8.11.7,8.14.3	Sendmail is a mail transfer agent (MTA) that supports many kinds of mail transfer and delivery including the overwhelmingly popular SMTP. View Details

	Vuze V4.0.0.4	Vuze is the world's most popular entertainment platform for high-res digital video content. With an installed base of 18 million unique client downloads in its first year, 500,000 new downloads per week and 150 content partners to date, Vuze is experiencing unprecedented organic growth. View Details

Site Map | Responsible Disclosure Policy | Privacy Policy | Contact Us

Veracode's application security testing solution quantifies an application's security risk based on types, number and severity levels of flaws identified in the application. Veracode analyzes the key application security risks that matter most to enterprises including the most prevalent software vulnerabilities, the absence and presence of security features (e.g. encryption) and backdoors in third-party code. Each application's rating is generated based on automated static binary analysis, automated dynamic and/or manual security analysis techniques.

Veracode solutions deliver application security review services for enterprises that want to cost-efficiently achieve software security by identifying flaws in applications. Veracode SecurityReview is the first automated, on-demand, application security software solution that uses static binary analysis. Static application security testing enables organizations to scan software for flaws and malicious code before purchasing or deploying it. And because Veracode's approach to Static application security testing uses binary analysis—scanning binary code (compiled or "byte" code) instead of source code—SecurityReview can test 100 percent of an application, offering comprehensive coverage and greater application security. In addition, Veracode's web application security testing can provide Web services security as a critical part of an enterprise-wide software assurance strategy.

Please access other sections of this site to learn more about our approach to security testing, code review, web security and application backdoors.