Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Code testing to be included in government software contracts

Veracode : 17 October, 2008  (Application Story)
Expanded inclusion in government software contracting for Veracode
Veracode has announced its inclusion in two more government-wide contracting vehicles as a source for the Federal Government's information security solutions. Through its partner, Intelligent Decisions, a certified small, minority-owned business and a leading provider of information technology solutions to the federal market, Veracode is being included in both the NASA Solutions for Enterprise-Wide Procurement (SEWP IV) GWAC (Government-Wide Acquisition Contract) as well as the National Institute of Health's (NIH) ECS III (GWAC).

This is further indication of Veracode's focus on the government market, given the greater attention being paid to the risks that complex commercial and custom developed applications can introduce to the government infrastructure. This is especially important given that the US federal IT spending budget is expected to increase to $70.9 billion in 2009 according to Forrester Research1 with software procurement playing a significant factor within that budget. Veracode's inclusion in the SEWP IV and ECS III contracting vehicles, coupled with its previously announced inclusion in the Patriot's GSA schedule, will make it simpler for government agencies to purchase the Veracode's SecurityReview service designed to give a clear and independent assessment of an agencies application security risk.

"Participating in contracting vehicles such as SEWP IV and ECS III better positions Veracode to help government organizations identify and eradicate software vulnerabilities in internally and externally developed code," Kimberly Baker, Vice President, Government and International Markets Veracode said. "Government agencies are right to be concerned about the security of the applications they are introducing into their infrastructure. Most applications are deployed without a code review. The increased use of open source, SOA reusable components, third party code and COTS introduces unbounded risk to the agencies' mission."

SecurityReview is the first and only solution to offer binary vulnerability analysis to discover flaws in software. This means it is able to inspect entire application, including components and third party libraries, and does not require companies to expose valuable source code. With this service, which has been approved and added to the National Institute of Standards and Technology's (NIST) binary scanning tool list, Veracode will be able to inspect entire applications. As part of this list, NIST acknowledges the advantages that binary code scanners have over source code scanners, namely the ability to look at the compiled code.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo