PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
July/August 2007

At Your Service: Veracode's SaaS-based application analysis

SecurityReview Veracode Price: Minimum cost of engagement is at $40K Application development has historically given short shrift to security, and we pay the price for it every day as attackers exploit vulnerable Web apps to control corporate systems and steal sensitive data. Companies are finally building security into the software development lifecycle, but vetting software for security is difficult, time-consuming and error-prone. Organizations often turn to pen testers and/or a variety of commercial products. Symantec spinoff Veracode weighs in with an on-demand software-as-a-service (SaaS) that performs binary analysis of any application. Customers upload apps to Vera-code, which reports possible flaws and recommends remediation. Binary analysis offers particular advantages. Companies are often twitchy about sharing source code, and binary analysis may well find flaws that source code, Web crawling and manual analysis miss. Moreover, applications are typically not monolithic, single-source programs but are ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue