Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Veracode Launches Cloud Based Application Intelligence Service Providing Insight Into Software Security Quality

Application risk management platform provider, Veradode, Inc., today announced Veracode SecurityInsights, a cloud-based service enabling Veracode users to instantly compare their software against the aggregated security quality benchmarks from thousands of applications in their industry.

Application risk management platform provider, Veradode, Inc., today announced Veracode SecurityInsights, a cloud-based service enabling Veracode users to instantly compare their software against the aggregated security quality benchmarks from thousands of applications in their industry.

“Having the ability to compare the state of security in our application portfolio to other organizations in similar industries and projects across Veracode’s comprehensive repository of applications from around the world will be invaluable,” said Donna Durkin, chief information security and privacy officer, Computershare.

Veracode SecurityInsights

With enterprise targeted attacks on the rise, organizations need to manage application risk and require credible application security information to set specific acceptance criteria and internal security policies. By leveraging the SecurityInsights knowledgebase, users are able to establish informed acceptance criteria, evaluate code against dangerous programming errors, and compare open source software and commercial alternatives.

“Veracode SecurityInsights was designed to make it easier for our customers to solidify their software infrastructure before they are attacked or fall victim to a zero-day application vulnerability,” said Matt Moynahan, CEO of Veracode. “Rather than merely responding to breaches and threats, executives now have what it takes to make proactive, enforceable decisions on the level of acceptable application security quality before the attack takes place.”

SecurityInsights data is comprised of anonymized application security data from billions of lines of code and thousands of applications that submitted to Veracode.The platform provides comprehensive benchmark information on security quality in categories including: Application Profile and Portfolio Distribution, Application Security Policy Compliance, Vulnerability Prevalence, Standards Compliance against CWE/SANS Top 25 and OWASP Top 10 vulnerabilities.

SecurityInsights features a growing repository of code-level application information for application types including Web and non-Web applications, programming languages such as Java, C/C++ and .NET from internal development teams, commercial, open source and outsource software suppliers.

Veracode’s cloud-based model for application risk management scales globally across teams and geographies without need for any hardware or software and “gets smarter the more code it processes.” The company claims, that by being more dynamic than “on premise” solutions, developers get higher quality results, reduced risk and significantly improved productivity.

Written By

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.