Brief: Ounce Labs extends coverage of source code analysis tool

By SearchSoftwareQuality.com Staff 27 Sep 2007 | SearchSoftwareQuality.com

Digg This!     StumbleUpon     Del.icio.us

Ounce Labs recently announced support for Microsoft ASP, often referred to as "Classic ASP," extending its Ounce 5 source code analysis solution to cover the complete range of server-side Web scripting applications, including ASP, Microsoft Visual Basic 6.0, Microsoft Visual Basic Scripting Edition (VBScript), and JavaScript. Ounce is the first static source code analysis solution to provide support for Classic ASP to help organizations reduce the potential for security breaches across all their web applications, including those using earlier versions of key technologies, the company said.

With this new support for Classic ASP, Ounce expands the portfolio of languages supported by Ounce 5, which also includes Microsoft Visual C/C++, Microsoft Visual C#, Microsoft ASP.NET 2005, Visual Basic .NET 2003 and Java/JSP. Ounce delivers enterprise-class source code analysis that supports the complete range of Web-based applications in use by today's enterprises.

"Thousands of applications written using Classic ASP are in use today. These applications, as well as earlier Web-enabled Visual Basic applications, remain vulnerable to various forms of attack, such as SQL injection and cross-site scripting," said Diana Kelley, vice president and service director at Burton Group. "Using enterprise-class source code analysis tools to expose application vulnerabilities for remediation will undoubtedly result in fewer security incidents."

Hugh Scandrett, CEO of Ounce Labs, said the added support for Classic ASP is a direct response to requests from customers. "By offering support for Classic ASP, Ounce can help enterprises to understand and manage risk across more of their application portfolio, and to capitalize on cost-savings through the secure reuse and leverage of existing software assets," he said.

Ounce support for Classic ASP will be generally available Oct. 19.

Tags: Software security testing tools,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Software security testing tools How to make your software tamperproof How can I tell if my software security has been breached? Lesser-known free software testing tools testers should try Demo: Using WebGoat, a free software testing tool Rich Internet applications security testing checklist Finding cross-site scripting (XSS) application flaws checklist Webgoat Tutorial Retaking command of your hacked software Identifying whether or not your site or software has been hacked Selecting the best tool for stress and load testing

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary penetration testing  (SearchSoftwareQuality.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary