02:00 PM
Veracode Introduces SecurityReview for Application Risk Management
Veracode, a provider of application risk management platforms, announced that it has expanded its SecurityReview cloud-based subscription service to simplify managing application security risk and regulatory compliance.
According to the Burlington, MA-based vendor, the enhanced application risk management platform enables enterprises to cost-effectively implement centralized governance and controls for software security across their entire portfolio, while simultaneously providing a continuous skills development model for internal and extended development teams.
The platform enables organizations to identify, classify and track their entire application portfolio regardless of the origin of the application from a central console and set security policy based on compliance or industry standards.
Features include an open source ratings database, which enables organizations to gain access to a growing catalog of independent security ratings for enterprise-class open source projects.
In that way, they can understand the risk of integrating open source software into applications or deploying in their critical software infrastructure, Veracode said.
Further, the platform integrates third party testing of products and services, enabling enterprises, consultants and third party providers to upload results of penetration testing directly into Veracode's platform. According to the vendor, this provides a single framework for managing application risk regardless of testing method or vendor.
Meanwhile, a new Forrester study of 200 businesses in the UK and the U.S. revealed that more than 62% of firms said they experienced a security breach in the past 12 months, due to exploitation of vulnerabilities in their critical software applications.
"The security landscape has clearly changed," Matt Moynahan, CEO of Veracode, said in a release.
"The combination of economic conditions, ad-hoc approaches and the exponential increase of data breaches as a result of insecure software require a new framework to manage application risk." Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio