Ounce Labs News

Ounce Labs Announces Availability of 'The Right Tool for the Right Job: An Application Security Tools Report Card' White Paper

WALTHAM, Mass., April 17 PRNewswire —

What: Ounce Labs, the industry leader in software risk analysis, has made available online a new white paper authored by the company's chief scientist, Ryan Berg, titled 'The Right Tool for the Right Job: An Application Security Tools Report Card.'

Overview: A range of application security tools have been developed to support the efforts to secure the enterprise from the threat posed by insecure applications. But in the ever-changing landscape of application security, how does an organization choose the right set of tools to mitigate the risks its applications pose to its environment? Equally important: how, when, and by whom are these tools used most effectively?

This paper examines the most common tools found in the enterprise application security environment:

- Web Application Firewalls (WAF)
- Web Application Scanners (WAS)
- Source Code Analyzers (SCA)

Each tool is evaluated and compared in terms of how it addresses critical vulnerabilities, beginning with the Top Ten Vulnerabilities identified by the Open Web Application Security Project (OWASP). The paper also provides an at-a-glance "report card" to help ensure that organizations devising their application security strategy have an informed understanding of the approach of each tool, its method for addressing security flaws, and its efficiency and effectiveness in eliminating security threats to data through applications.

Where: Download the white paper at: http://www.ouncelabs.com/abstracts/application-security-tools-report.asp

Author: Ryan Berg is a Co-Founder and Chief Scientist for Ounce Labs. In addition to advancing the state of the art in application security technologies, Ryan is also a popular speaker, instructor, and author in the fields of security, risk management, and secure development processes. He holds patents and has patents pending in multi-language security assessment, kernel-level security, intermediary security assessment language, and secure remote communication protocols. Prior to Ounce, Ryan co-founded Qiave Technologies, a pioneer in kernel-level security, which was later sold to WatchGuard Technologies in October of 2000. In the late 1990s, Ryan also designed and developed the infrastructure for GTE Internetworking/Genuity's appliance-based managed firewall and security services.

About Ounce Labs, Inc.

Ounce Labs' industry-leading source code analysis solutions enable organizations to analyze their applications to identify, prioritize and eliminate software security vulnerabilities. Ounce delivers the accuracy, immediate time-to-value, and automated workflow that large enterprises demand while helping organizations such as EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Government Accountability Office, Unisys and VeriSign to strengthen application security and protect confidential information. Ounce also helps organizations to verify compliance with internal policies and industry mandates including PCI DSS, FISMA, HIPAA and others. For more information, please visit http://www.ouncelabs.com.

Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Other product or service names mentioned herein are the trademarks of their respective owners.

MEDIA CONTACTS:

Peter Crosby
Ounce Labs
781.547.7012
Peter.Crosby@ouncelabs.com
http://www.ouncelabs.com

Brenda Menard
Davies Murphy Group
781.418.2435
ounce@daviesmurphy.com
http://www.daviesmurphy.com

SOURCE Ounce Labs
