Free Trial callout
The latest from Veracode We invite you to visit our resource section frequently as we update it with links to reports, podcasts, webcasts, white papers and research. ResourcesVeracode Report The State of Software Security Report Volume 1View and download the Veracode Report on the State of Software Security. This semi-annual report is the most comprehensive of its kind because it draws on the continuously updated information resident in Veracode’s unique cloud-based application risk management services platform. The data represents intelligence gleaned from the analysis of more than 55 billion lines of code and thousands of applications. It is growing every minute as more organizations come to Veracode for independent verification of the security quality of their software. DemonstrationsProduct Demonstration
View the demo of Veracode SecurityReview - the standard for on-demand application security testing. The 5 minute demo, in flash format, provides a narrated guide to various aspects of Veracode's On-Demand Assurance Platform. Blackberry Spyware Demo
View the demo of Veracode SecurityReview - the standard for on-demand application security testing. The 5 minute demo, in flash format, provides a narrated guide to various aspects of Veracode's On-Demand Assurance Platform.
WhitepapersAnti-Debugging – A Developers View
Anti-debugging is the implementation of one or more techniques within computer code that hinders attempts at reverse engineering or debugging a target binary. Within this paper we will present a number of the known methods of antidebugging in a fashion that is easy to implement for a developer of moderate expertise. Protecting Your Organization from Application Backdoors
This whitepaper discusses how binary (compiled code) analysis is the ideal platform for detecting backdoors and conducting the most complete independent security test, validation and verification of applications. WebcastsForrester Survey Briefing – Software Risk in Enterprises
Join Forrester Research’s Principal Analyst Chenxi Wang Ph.D. and Veracode CTO, Chris Wysopal, in a webinar where they will be sharing the complete results from the Application Risk in Business Survey along with their expert commentary on industry best practices. Is There Lead Paint in Your Offshore Code?
Veracode's Mike Puglia and John Jacott discuss what you need to know about securing applications developed by offshore outsourcing providers. PodcastsPCI Primer - Introduction to PCI Compliance
Mike Puglia, Director of Product Marketing at Veracode, provides an overview of PCI compliance for merchants and service providers. NetworkWorld Podcast - Application Outsourcing
Matt Moynahan, CEO of Veracode, discusses his company's system for examining code (even when its already made into a binary) with Network World's Jason Meserve. DatasheetsSDLC SecurityReview
Veracode's SDLC SecurityReview enables security teams to conduct security assessments on mission-critical internally developed applications before they ship. COTS SecurityReview
Veracode’s COTS SecurityReview provides enterprises with an independent security assessment of purchased commercial off-the-shelf software – stopping security risk before it enters the organization. |
|
Veracode offers the first on-demand, application security solution that provides automated application security testing through an easy-to-use, software-as-a-service delivery model. By providing code analysis and web application security testing as a service, organizations have no software or hardware to purchase, install, maintain or upgrade. With Veracode, enterprises can use application security assessment to achieve code security and implement testing into their secure software development life cycle at key development milestones. For enterprises that want to improve SDLC security without sacrificing profitability or competitiveness, Veracode offers SecurityReview®. SecurityReview combines static, dynamic, and manual testing capabilities and scans code after it has been compiled—at the binary level or "byte" code level rather than the source level, as other solutions do. This offers two distinct advantages: One, binary code analysis is more efficient, so vulnerabilities can be found more quickly and with fewer false positives. And two, binary code analysis is the most complete application security testing method because all code can be scanned regardless of origin. Information on other topics related to application security assurance, dynamic application security testing, XSS, SQL Injection, IT risk management, static code analysis, and offshore development are also available on this site and on the Veracode Blog. |