Automated security tool finds flaws in enterprise apps

Enhancements to the Ounce source code analysis tool will help companies analyze large enterprise applications quickly for security flaws, according to Ounce Labs.

Enhancements to the Ounce source code analysis tool will help companies analyze large enterprise applications quickly

for security flaws, according to Ounce Labs.

Ounce 6.0, available in early August, uses an automation server to automatically scan applications, providing prioritization and developer assignments without human intervention and delivering only confirmed vulnerabilities to the developer desktop, said Jack Danahy, CTO and founder of Ounce Labs.

"People want to do various types of triage," he said. "We've received more requests for automated triage."

To satisfy those requests, Ounce 6 includes Developer Triage and Team Triage. Developer Triage enables developers to act quickly on the most serious vulnerabilities, while Team Triage allows team members other than developers to look at the assessment data, make decisions, and merge data back into the system.

Ounce 6 also gives developers the ability to access analytic functions and give security analysts developer capabilities in the analyst framework.

"What we found out is sometimes the person doing triage is also the lead developer and would like to see the analyst functionality in the developer world. And we have security analysts who want developer tools," Danahy said. "The suite is much more flexible for the individual role players who want to take advantage of it."

For more information about Ounce 6, visit Ounce Labs' Web site.

Dig deeper on Software Security Testing Tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close