Ounce Labs Announces Availability of 'The Right Tool for the Right Job: An Application...
* Reuters is not responsible for the content in this press release.
Ounce Labs Announces Availability of 'The Right Tool for the Right Job: An
Application Security Tools Report Card' White Paper
WALTHAM, Mass., April 17 /PRNewswire/ --
What: Ounce Labs, the industry leader in software risk analysis, has
made available online a new white paper authored by the
company's chief scientist, Ryan Berg, titled 'The Right Tool
for the Right Job: An Application Security Tools Report Card.'
Overview: A range of application security tools have been developed to
support the efforts to secure the enterprise from the threat
posed by insecure applications. But in the ever changing
landscape of application security, how does an organization
choose the right set of tools to mitigate the risks their
applications pose to their environment? Equally important: how,
when, and by whom are these tools used most effectively? This
paper examines the most common tools found in the enterprise
application security environment:
-- Web Application Firewalls (WAF)
-- Web Application Scanners (WAS)
-- Source Code Analyzers (SCA)
Each tool is evaluated and compared in terms of how they
address critical vulnerabilities, beginning with the Top Ten
Vulnerabilities identified by the Open Web Application Security
Project (OWASP).
The paper also provides an at-a-glance "report card" to help
ensure that organizations devising their application security
strategy have an informed understanding of the approach of each
tool, its method for addressing security flaws, and its
efficiency and effectiveness in eliminating security threats to
data through applications.
Where: Download the white paper at:
http://www.ouncelabs.com/abstracts/application-security-tools-report.asp
Author: Ryan Berg is a Co-Founder and Chief Scientist for Ounce Labs. In
addition to advancing the state of the art in application
security technologies, Ryan is also a popular speaker,
instructor, and author, in the fields of security, risk
management, and secure development processes. He holds patents
and has patents pending in multi-language security assessment,
kernel-level security, intermediary security assessment
language, and secure remote communication protocols.
Prior to Ounce, Ryan co-founded Qiave Technologies, a pioneer in
kernel-level security, which was later sold to WatchGuard
Technologies in October of 2000. In the late 1990s, Ryan also
designed and developed the infrastructure for GTE
Internetworking/Genuity's appliance-based managed firewall and
security services.
About Ounce Labs, Inc.
Ounce Labs' industry-leading source code analysis solutions enable
organizations to analyze their applications to identify, prioritize and
eliminate software security vulnerabilities. Ounce delivers the accuracy,
immediate time-to-value, and automated workflow that large enterprises demand
while helping organizations such as EDS, IBM, Intel, Lockheed Martin, MFS, the
U.S. Government Accountability Office, Unisys and VeriSign, to strengthen
application security and protect confidential information. Ounce also helps
organizations to verify compliance with internal policies and industry
mandates including PCI DSS, FISMA, HIPAA and others. For more information,
please visit http://www.ouncelabs.com.
Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United
States and other countries. Other product or service names mentioned herein
are the trademarks of their respective owners.
MEDIA CONTACTS: Peter Crosby Brenda Menard
Ounce Labs Davies Murphy Group
781.547.7012 781.418.2435
Peter.Crosby@ouncelabs.com ounce@daviesmurphy.com
http://www.ouncelabs.com http://www.daviesmurphy.com
SOURCE Ounce Labs
Peter Crosby of Ounce Labs, +1-781-547-7012, Peter.Crosby@ouncelabs.com; or
Brenda Menard of Davies Murphy Group, +1-781-418-2435, ounce@daviesmurphy.com,
for Ounce Labs
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.
Follow Reuters