Have You VerAfied Your Software?
Printer-friendly version
PDF versionVeracode Introduces VerAfied™ Mark of Software Security and FREE First Time Rating for Independent Software Vendors (ISVs)
Burlington, Mass. – September 21, 2009– Veracode Inc., provider of the world’s leading cloud-based application risk management services platform, today announced it has expanded its independent software ratings with the introduction of theVerAfied™software security mark enabling software providers to demonstrate and market the security of their software products as a competitive differentiator. Veracode also announced that it will work with ISVs free of charge to achieve the VerAfied mark to demonstrate the ease with which they can improve the security quality of software.
“Many in the Federal Government have advocated the need for independent and transparent vetting of the security attributes of software,” said Joe Jarzombek, Director for Software Assurance, in the National Cyber Security Division of the Department of Homeland Security. “The independent determination of security quality attributes is important to Federal agencies given the need to mitigate security risks across the software supply chain. Software suppliers should assert claims about the security of their products, backed by evidence from the use of qualified static analysis of the code.”
The VerAfied security mark is a quality indicator for the security level of applications and software components. Achievement of the VerAfied mark independently validates the software provider’s commitment to improving software security. Software providers who have earned the VerAfied mark to date include HID Global, LiveLOOK, Medmatics, Mimecast, OpenVPN, and Sendmail among others. Veracode’s ratings are independent, completely transparent and based on industry accepted standards for software assessment from NIST, CWE and CVSS against vulnerability benchmarks such as the OWASP Top 10 and CWE-SANS Top 25.
“Insecure and poorly configured software has led to a number of the high-profile data breaches in recent headlines,” said Diana Kelley, principal analyst, SecurityCurve. “The ability for ISVs to have their software independently rated allows enterprises to manage risk by determining whether or not the software meets their evolving requirements before or even after purchasing and deploying.”
To complement the new VerAfied and free initial rating announcements, Veracode introduced special introductory pricing for independent software vendors (ISVs), also known as commercial-off-the-shelf (COTS) software providers. For $2,500 Veracode is offering a one year unlimited subscription to its SecurityReview application risk management services platform enabling them to build security into their development processes. Additional developer education, advisory, and testing services are also available.
“Enterprises and government agencies are demanding independent proof that the software they are purchasing is secure,” said Matt Moynahan, CEO, Veracode. “Before Veracode, it was impossible to easily and cost-effectively demonstrate compliance with this requirement with traditional on-premise tools. By creating the VerAfied mark and removing the cost and adoption barriers of on-premise tools, Veracode is driving to make it unbelievably simple and affordable for ISVs to ship secure products and differentiate their company in a competitive market environment. It’s an unmatchable value and demonstrates Veracode’s commitment to a more secure world of software.”
Software providers can request their free first time rating at:
http://www.veracode.com/ratings/get-your-product-verafied.html
Veracode will be hosting a webinar event, “5 Reasons Why ISVs Should Get VerAfied” on Wednesday, September 30th at 1pm ET. Register for the webinar event at:
http://www.veracode.com/verafied
About Veracode
Veracode provides the world’s leading Application Risk Management Platform. Veracode SecurityReview‘s patented and proven cloud-based capabilities allow customers to govern and mitigate software security risk across a single application or an enterprise portfolio with unmatched simplicity. Customers include the world’s largest and most security aware organizations in every industry. Recognized as a Gartner “Cool Vendor,” The Wall Street Journal’s “Technology Innovation Award,” The Banker’s “Information Security Project of the Year” with Barclays, SC Magazine’s “Best Vulnerability Assessment Solution,” Information Security “Readers’ Choice Award,” and AlwaysOn Northeast's "Top 100 Private Company,” Veracode is Software Security Simplified™. For more information, visitwww.veracode.com.
Beth Cossette
Lois Paul & Partners
781-782-5715
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
News Source : Have You VerAfied Your Software?
Copy this html code to your website/blog and link to this press release.
More User Press Releases
- Veracode First Cloud-Based Security Service to Reach 50 Billion Lines of Code Milestone
- Veracode Co-Founder to Heighten Awareness of Backdoor Vulnerabilities at RSA Conference 2008
- Veracode Named Finalist in 2010 SC Magazine Awards
- James Cash, Jr., Ph.D., Joins Veracode Board of Directors
- Security Innovation and Veracode Partner to Provide Security Training
- Veracode Appoints Chris Reisig as Senior Vice President of Sales and Business Development
- America's Growth Capital's Emerging Growth Conference
- PlaSec Achieves VerAfied Security Mark
- Veracode CTO to Speak at QAAC Seminar
- Veracode to Speak at SecureWorld Bay Area
Facebook
Twitter
del.icio.us
LinkedIn
Digg
StumbleUpon
Forward
Google
Favorite
Favorite on Technorati