Wednesday, 27 June 2007
Veracode Intros New Tool for Testing Application Security
|
| |
Veracode has launched a Software Security Ratings Service, introducing its new system for use in testing the security of applications... |
| |
|
| |
Veracode has launched a Software Security Ratings Service, introducing its new system for use in testing the security of applications.
With the launch of its service, Veracode says it has unveiled the world's first standards-based system for rating the overall security of software programmes before they are put into production mode.
While many companies that harbour software development departments have begun using source code analysis tools to look for potential vulnerabilities in their applications, Veracode aims to take the process one step further by offering businesses and ISVs the ability to scan binary code of their programs for problems.
Testing binary code, versus scouring individual lines of source code, allows developers to scan an entire application before it is taken into production, thus increasing their likelihood of finding errors they might have missed along the way, and eliminating the need to pursue code that ends up getting cut from a program before it approaches its final state, Veracode officials said.
"The software industry is valued at roughly billion, but the entire industry has almost no notion of its own security quality, and part of that problem is that there haven't been tools like this in the past," said Matt Moynahan, chief executive of Veracode.
"This is a responsible way for people to improve the security of their code without placing an undue burden on an ISV community that is already desperate to fix this problem, but faces a huge challenge in finding people who are capable of writing safer programmes," he said.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
