Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

ZeroDay Labs Website For IT Security Professional Community

Veracode : 21 May, 2010  (Company News)
Veracode has launched a community based website aimed at security professionals for sharing information on the latest software threats
Veracode has announced the formation of ZeroDay Labs, a free destination website for education, collaboration and community building for security-aware professionals. Software developers, security teams, CSOs/CISOs, security consultants and Veracode partners, among others, will benefit from access to timely, valuable data and research related to achieving software quality and application security goals.

The mission of ZeroDay Labs is to host a dedicated website and shared resource where visitors can interact, contribute and learn how to identify new security gaps, improve the accuracy of real-world application vulnerability detection, and communicate findings in order to improve the state of software security. ZeroDay Labs is led by members of Veracode's core research team including Chris Wysopal, co-founder and CTO; Chris Eng, senior director, security research; and Tyler Shields, senior security researcher.

Core to its community-building goals, ZeroDay Labs will offer code-level examples of vulnerabilities drawn from member experiences. As the community grows, based on voluntary submissions, Veracode will accelerate awareness and remediation efforts by sharing real-world examples among participants.

Code submissions are not limited to Veracode customers. Organizations are encouraged to submit one application, free of charge, to the VerAfied Software Directory, a list of Independent Software Vendors (ISVs), service providers and enterprises that have successfully completed the Veracode Security Verification Process for their software product and/or infrastructure, and achieved the VerAfied security mark. The VerAfied mark indicates that an application has received an independent security verification from Veracode and the provider has resolved or mitigated any vulnerabilities identified by automated static binary analysis and automated dynamic analysis (if applicable).

Submissions can be made two ways: known vulnerabilities, where organizations can then use the assessment to automate detection across their portfolio; or unknown, where manual source code review is used to augment and improve static binary analysis. For known and unknown vulnerabilities, Veracode will use the results to automate detection. To date, Veracode has analyzed more than 1,600 applications across 15 industries, representing billions of lines of code.

"Think of ZeroDay Labs and our VerAfied Software Directory like the Centers for Disease Control. With the more patient information and case detail submitted to the CDC, the more effective physicians around the world can become in terms of prescribing treatments," said Chris Wysopal, co-founder and CTO, Veracode. "In the case of our Software Directory, the richer the database of software vulnerabilities across industries, languages and technical platforms, the more security and development teams can learn about ensuring the highest degree of application Risk Management and performance in their own environments."

ZeroDay Labs is home to Veracode's ZeroDay Labs blog as well as technical articles, whitepapers and other information available for download, organized by technical architecture and language such as Java, C/C++ and .NET. The site is also a source of information about the company's involvement with the extended security-aware community, detailing its participation in regional events associated with organizations like ISACA, ISSA, OWASP and .NET User Groups.

ZeroDay Labs will continue to evolve with the addition of an aggregate of RSS and other feeds from relevant sites, companies and partners. The ZeroDay community forum will serve as a social network connection where security software professionals can discuss newly identified vulnerabilities, such as those recently reported in widely used Open Source software solutions to mitigate vulnerabilities, and other technical topics. It will also be connected to other social network capabilities such as LinkedIn, Facebook and Twitter.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo