Access "At Your Service: Veracode's SaaS-based application analysis"
This article is part of the July/August 2007 issue of CISO survival guide: 18 of the best security tips
SecurityReview Veracode www.veracode.com Price: Minimum cost of engagement is at $40K Application development has historically given short shrift to security, and we pay the price for it every day as attackers exploit vulnerable Web apps to control corporate systems and steal sensitive data. Companies are finally building security into the software development lifecycle, but vetting software for security is difficult, time-consuming and error-prone. Organizations often turn to pen testers and/or a variety of commercial products. Symantec spinoff Veracode weighs in with an on-demand software-as-a-service (SaaS) that performs binary analysis of any application. Customers upload apps to Vera-code, which reports possible flaws and recommends remediation. Binary analysis offers particular advantages. Companies are often twitchy about sharing source code, and binary analysis may well find flaws that source code, Web crawling and manual analysis miss. Moreover, applications are typically not monolithic, single-source programs but are built on various pieces ... Access >>>
Premium Content for Free.
Emerging Technologies: How to secure new products
New business initiatives mean new threats.
Protecting Your Brand
Customer confidence is at risk when a breach occurs.
Is perimeter security viable with Swiss cheese networks?
At Your Service: Veracode's SaaS-based application analysis
Metasploit Framework 3.0 Product Review
In this product review, learn everything about the Metasploit Framework 3.0, a penetration testing tool for Linux and Windows platforms.
- Emerging Technologies: How to secure new products
Success requires skills in business, technology and people.
Antivirus: ESET's NOD32 Antivirus 2.7
ESET's NOD32 Antivirus 2.7
Unified Threat Management: Secure Computing's Sidewinder 2150 v7
Secure Computing's Sidewinder 2150 v7
Encryption software vendors can expect challenge from hardware front
Until now, the laptop encryption market has belonged to software vendors. Learn how all that has changed.
Endpoint Security: F-Secure's Client Security 7.0
F-Secure's Client Security 7.0
- Office Politics
More Premium Content Accessible For Free
FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure ...
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...