My First Post      My Facebook Profile      My MeOnShow Profile      W3LC Facebook Page      Learners Consortium Group      Job Portal      Shopping @Yeyhi.com









Friday, May 14, 2010

Veracode as new WhiteBox Testing Tool

Veracode has launched a Software Security Ratings Service, introducing its new system for use in testing the security of applications. Veracode claims to have unveiled the world's first standards-based system for rating the overall security of software programs before they are put into production mode. Again, from usability point of view, Learnin to use VeraCode needs a little more effort than writing 20 lines on Cow!

Veracode SecurityReview delivers benefits to every enterprise:

Exceptional accuracy—The SecurityReview subscription service is supported by a team of world-class experts who constantly review and refine testing methods to deliver the industry's most accurate software security review.
Faster production—SecurityReview accelerates secure application development by providing an application security review that can fit into any development cycle. Because Veracode's solution can handle large volumes of code and return actionable results within 24 to 72 hours, development teams can more easily manage schedules and meet deadlines while ensuring higher security for the enterprise.
Reduced expense—With secure software testing available on an as-needed basis, companies pay only for the services they require.
Complete review—Veracode testing includes tests for malicious code as well as lack of security functionality. It can test both internally and externally developed applications, and can perform dynamic as well as static application security testing. It is simply the most comprehensive software review available.

While many software product have begun using source code analysis tools to look for potential vulnerabilities in their applications, Veracode aims to take the process one step further by offering businesses and ISVs the ability to scan binary code of their programs for problems.

Undoubtedly, there are some constraints on type of build you post to VeraCode for scanning and analysis. There are 5-6 checks as told by VeraCode guideline document. But the, the pre-Scan of VeraCode also helps you a lot if in case you missout something, or forget some symbol files (.pdb files)

Testing binary code allows developers to scan an entire application before it is taken into production, thus increasing their likelihood of finding errors they might have missed along the way, and eliminating the need to pursue code that ends up getting cut from a program before it approaches its final state, Veracode officials said.

The approach also benefits efforts to develop software using the increasingly popular SOA approach by allowing workers to test code being drawn from multiple programs in their final, integrated state, the company maintains. With its great UI, using VeraCode is easy and so helpful!

5 comments:

  1. Really VeraCode is worth to be discussed more. I was trying to find about advantages of Veracode and Whitebox security performance testing. This discussion truly helped me a lot!!!

    ReplyDelete
  2. Thanks Fahad !!
    Your review would be helpful on few others articles too.
    Take care :)

    ReplyDelete
  3. Thanks Sadia !!
    Your review would be helpful on few others articles too.
    Take care :)

    PS:

    ReplyDelete
  4. This blog resolved all my queries I had in my mind. Really helpful and supportive subject matter written in all the points. Hard to find such kind of blogs as descriptive and accountable to your doubts.
    บอล ชุด

    ReplyDelete