Print This Story  Email This Story  Save this Link View PR Newswire's RSS Feed  Blogs Discussing this News Release  Search Blogs that Mention this News Release  Click this link to view linked Bookmarking Services Click this link to view linked Blogging Services

Veracode to Demo Service at RSA Conference 2007, Booth # 2612
 
  Founder and CTO Chris Wysopal to Participate in "Vulnerability Reporting
           And Full Disclosure: The Naked Truth" Panel Discussion

    BURLINGTON, Mass., Jan. 30 /PRNewswire/ -- Veracode Inc., which
launched this month as the industry's first provider of automated,
on-demand application security solutions, today announced its presence at
RSA Conference 2007 in San Francisco, February 5-7, 2007. The Company will
exhibit at the event and demonstrate its SecurityReview(TM) solution suite
in booth #2612. Veracode SecurityReview(TM) is based on patented binary
code analysis technology that inspects the entire application including
third party libraries, without exposing valuable source code. The Company
will demonstrate how organizations submit applications to the Veracode
on-demand service, how applications are processed, and walkthrough a
complete application vulnerability analysis including how security flaws
are prioritized for remediation.
    Additionally, Veracode Founder and CTO Chris Wysopal will participate
in a panel session focusing on vulnerability reporting and full disclosure.
Wysopal's panel session, "Vulnerability Reporting and Full Disclosure: The
Naked Truth" (code: LAW-203), will be held on Wednesday, February 7th at
10:30 a.m. in the Burgundy room. The panel of security industry experts
will discuss full disclosure vulnerability reporting and the legality of
disclosure. Mr. Wysopal will be addressing Disclosure 2.0 and the
challenges facing vulnerability researchers with Web 2.0 vulnerabilities
and the challenges facing vendors with mashup, composite applications.
    Specifically, the session will address:
     - the original intentions of full disclosure reporting;
     - the various mutations of full disclosure, contrasting it against the
       opposite practice in vulnerability reporting, security through
       obscurity;
     - how to recognize the complications associated with full disclosure and
       the business-side effects, and;
     - the legal grey area in vulnerability disclosure - proving how security
       researchers may be liable for damages caused by the broadcast of a
       security weakness.
    Chris Wysopal recently co-authored the book, The Art of Software
Security Testing: Identifying Security Flaws, published by Addison Wesley
and Symantec Press. He will be signing copies of the book on Tuesday, Feb.
6th, from 3:00 p.m. to 3:30 p.m. at the Digital Guru Bookstore at the RSA
Conference. Mr. Wysopal is recognized as an expert and a well-known speaker
in the information security field. He has given keynotes at computer
security events and testified on Capitol Hill on government computer
security and how vulnerabilities are discovered in software.
    Veracode recently entered the market with $19.5M in venture capital
funding from .406 Venture Partners, Atlas Venture and Polaris Ventures.
    Delivered through a Software as a Service (SaaS) platform, Veracode's
SecurityReview(TM) provides the easiest, most accurate and in-depth
application security analysis available today. With its patented binary
code analysis and on-demand model, Veracode offers the most comprehensive
way to identify and remediate the security flaws in software.
    About Veracode
    Veracode is the industry's first provider of automated, on-demand
application security solutions. Created by a world-class team of
application security experts from @stake, Guardent, ISS, VeriSign and
Symantec, the company delivers services to identify software flaws
introduced through coding errors or malicious intent. Veracode's core
service, SecurityReview(TM) is based on a patented binary code analysis
that inspects the entire application, including components, and does not
require companies to expose their valuable source code. Enterprises can now
protect their intellectual property while preventing attacks allowed by
vulnerabilities in applications.
    Veracode makes it simple and cost-effective to implement application
security best practices and reduce operational costs related to manual
reviews. Whether a company is developing applications internally,
purchasing software or integrating code from partners, Veracode's
SecurityReview(TM) provides insight to the security level of your
applications. Outsourcing code analysis to Veracode is the easiest way to
secure your software. With a pragmatic approach to application security,
Veracode helps you fix what matters most to your business.
    Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas
Venture and Polaris Venture Partners. http://www.veracode.com
SOURCE Veracode Inc.



Back to Topback to top

Related links:
  • http://www.veracode.com
    CONTACT:
    Kate Munro of Veracode, +1-781-425-6040 ext.
    296, or kmunro@veracode.com; or Rachel Miller of SHIFT
    Communications, +1-617-681-1256, or veracode@shiftcomm.com
    www.technorati.com Blogs Linking to this News Release at Technorati
    Issuers of news releases and not PR Newswire are solely responsible for the accuracy of the content.
    Terms and conditions, including restrictions on redistribution, apply.
    Copyright © 1996- PR Newswire Association LLC. All Rights Reserved.
    A United Business Media company.