Independent Audit for ISVs

A fast and hassle-free way to obtain independent verification that your software meets corporate security policies

Third-party software security is a growing concern for all enterprises, and often arises as a valid objection during the procurement or renewal process. In fact, industry organizations such as FS-ISAC are now recommending static binary analysis as a best practice control for reducing third-party software risk. They’re also seeking to establish reputation repositories for sharing information about third-party application risk.

While VAST provides enterprises with outsourced program management for reducing the risk of third-party software, software vendors can also sign-up for the VAST program.

VAST delivers direct benefits to participating vendors such as proactive remediation of application-layer threats and greater control and confidentiality over analysis results. We act as a trusted, independent party to help broker results and facilitate communication with our mutual enterprise customers.

The VAST solution provides software vendors and suppliers with:

  • Full access to a scalable, easy-to-use cloud-based platform that automates all test procedures and analyzes binaries, not source code.

  • Rigorous analysis of any application — whether commercial, outsourced, SaaS or mobile — using industry best practices.

  • Detailed test results that provide line of code level information to development teams and help prioritize exposed security vulnerabilities.

  • Dedicated support and step-by-step expert guidance for successful remediation efforts.

  • The option to publish a summary test report, via our cloud-based platform, to your enterprise customer or to any other current or potential customer.

Participating vendors receive published attestation that validates an improved level of software security with each and every submission. This shortens sales cycles by speeding customer procurements, acceptances and renewals.

Even small, incremental improvements in application security, when done properly, will go a long way toward strengthening customer loyalty. It allows vendors to not only achieve compliance with their customers’ corporate security policies — but also to establish greater competitive advantage in their respective markets.