Enterprise Software

Cloud-Based Service facilitates application management.

Veracode, Inc. May 04, 2009

Press Release Summary:



SecurityReview® provides security risk and regulatory compliance management across enterprise application portfolio, including internally developed, purchased, outsourced, and open source applications. Enterprises and ISVs can implement centralized governance and controls for software security while simultaneously providing continuous skills development model for development teams. Integration support is also provided for third party testing products/services and GRC frameworks.


Original Press Release:



Veracode Introduces SecurityReview® for Application Risk Management



Enhanced cloud-based service simplifies security and compliance risk management across a diverse enterprise application portfolio

Burlington, Mass. - 20 April, 2009 - Veracode Inc., provider of the world's leading Application Risk Management Platform, today announced that it has expanded its SecurityReview® cloud-based subscription service to simplify managing application security risk and regulatory compliance across a diverse enterprise application portfolio including internally developed, purchased, outsourced and open source applications. The enhanced Application Risk Management platform, available this calendar quarter, enables enterprises and ISVs to cost-effectively implement centralized governance and controls for software security across their entire portfolio while simultaneously providing a continuous skills development model for internal and extended development teams.

More than 62% of businesses have experienced a security breach in the last 12 months due to exploitation of vulnerabilities in their critical software applications, according to a new survey conducted by Forrester Research. Veracode SecurityReview provides organizations with a holistic approach to combat the epidemic of security breaches, compliance failures and business process interruptions.

"Being able to quantify and qualify the risk from applications, internally developed, outsourced or commercial software enables us to make informed acquisition and deployment decisions and protect our critical data," said, Stephen Scharf, CISO of Experian . "Having the ability to embed security training, integrate our existing internal testing and have insight into the security of open source through a single platform provides us with a clear and measureable compliance framework."

With this release, Veracode's SecurityReview has expanded its industry leading static and dynamic application security testing to include:

Application Portfolio Management
Veracode's Application Risk Management Platform enables organizations to identify, classify and track their entire application portfolio regardless of the origin of the application from a central console and set security policy based on compliance or industry standards such as PCI, SANS Top 25 or OWASP Top 10.

Developer Training and eLearning
Web-based secure programming training modules for developers and security personnel are integrated directly into Veracode's Application Risk Management Platform enabling organizations to meet formal security training, CPE credit and competency testing requirements and to continuously improve their skills through targeted.

Open Source Ratings Database (OSRDB)
Through Veracode's Open Source Ratings Database, organizations gain access to a growing catalog of independent security ratings for enterprise-class open source projects to understand the risk of integrating open source software into applications or deploying in their critical software infrastructure.

Integration of 3rd Party Testing products and services
Enterprises, consultants and third party providers can upload results of penetration testing directly into Veracode's platform providing a single framework for managing application risk regardless of testing method or vendor.

Integration with Enterprise Governance, Risk and Compliance Frameworks
Recently announced, enterprises will have direct access to Veracode's SecurityReview application risk management data within Archer's SmartSuite Framework, allowing centralized management of critical business intelligence for internal and externally sourced applications.

Unlimited Usage Subscriptions
Unlimited usage is designed to overcome complex pricing models associated with on-premise software licenses ranging from per seat, per CPU, and/or per line of code pricing schemes. Veracode's Software-as-a-Service (SaaS) subscription enables organizations to do more with less by leveraging Veracode's cloud-based platform to conduct unlimited security assessments.

"Most companies know there's an application security problem," said Diana Kelley principal analyst, SecurityCurve. "Today's application development, testing, purchasing, and outsourcing processes are often poorly managed and ad-hoc, leading to inefficient spending and uneven results. To achieve consistent application risk governance, organizations need to implement coherent, repeatable processes within an enterprise-wide application risk framework."

"The security landscape has clearly changed," said Matt Moynahan, CEO of Veracode. "The combination of economic conditions, ad-hoc approaches and the exponential increase of data breaches as a result of insecure software require a new framework to manage application risk. Veracode's recent service enhancements demonstrate our continued commitment to providing our customers with a simple, intuitive and turnkey approach to implementing effective application security programs. By leveraging Veracode's cloud-based application risk management infrastructure, organizations can protect their employee, customer and partner data in a rapid and cost-effective enterprise-wide deployment model."

About Veracode
Veracode provides the world's leading Application Risk Management Platform. Veracode SecurityReview's patented and proven cloud-based capabilities allow customers to govern and mitigate software security risk across a single application or an enterprise portfolio with unmatched simplicity. Customers include the world's largest and most security aware organizations in every industry. Recognized as a Gartner "Cool Vendor" and with The Wall Street Journal's "Technology Innovation Award," The Banker's "Information Security Project of the Year" with Barclays, SC Magazine's "Best Vulnerability Assessment Solution," Information Security "Readers' Choice Award," and AlwaysOn Northeast's "Top 100 Private Company," Veracode is Software Security Simplified(TM). For more information, visit www.veracode.com.

White Papers & Case Studies

View All White Papers & Case Studies

View All Resources

All Topics

Manufacturing Innovation

Industry Trends

Engineering & Design

Sales & Marketing

Supply Chain

Career & Workforce

Company News

New Products

Thomas Index

Daily Bite

Find Suppliers, Insights, Tools and More...

Become part of North America's largest and most active network of B2B buyers and industrial/commercial suppliers.

Select From Over 500,000
Industrial Suppliers

Find and evaluate OEMs, Custom Manufacturers, Service Companies and Distributors.

Receive Daily
Industry Updates

Stay up to date on industry news and trends, product announcements and the latest innovations.

Search Over
6 Million Products

Find materials, components, equipment, MRO supplies and more.

Download 2D & 3D
CAD Models

10+ million models from leading OEMs, compatible with all major CAD software systems.
Start Sourcing Suppliers Claim Your Company Profile ico-arrow-default-right
Cookie Policy
Close
Thomas uses cookies to ensure that we give you the best experience on our website. By using this site, you agree to our Privacy Statement and our Terms of Use.
Accept