BURLINGTON, MA -- (MARKET WIRE) -- 12/11/07 -- Veracode,
Inc., the industry's first provider of automated, on-demand software security testing and
assessment solutions, announced it has achieved SysTrust® certification.
In doing so, Veracode establishes its adherence to one of the most
rigorous, industry-accepted auditing standards for service companies. The
successful examination, which was conducted by Ernst & Young, provides
additional validation to Veracode clients that the Veracode Code Assurance Platform and
software as a service model is secure.
The SysTrust
examination is a rigorous process developed by the American Institute of
Certified Public Accountants (AICPA) and the Canadian Institute of
Chartered Accountants (CICA) to provide independent assurance that an
organization's systems are reliable. Ernst & Young evaluated Veracode's
Code Assurance Platform to make sure that appropriate internal controls
were in place and compliant with the SysTrust Security and Confidentiality
Principles which assert the following:
-- The system is protected against unauthorized access (both physical and
logical).
-- Information designated as confidential is protected as committed or
agreed.
"The SysTrust examination is a significant accomplishment for Veracode and
underscores our commitment to treating customer data with unparalleled
security and confidentiality," said Matt Moynahan, CEO of Veracode. "Having
had our own legal, regulatory and technical infrastructure examined by
Ernst & Young assures our customers that we take the security of their data
very seriously. Securing our client's information is our top priority."
Veracode's on-demand software security and assessment solution,
SecurityReview®, is offered as a service. Consequently, ensuring the
security and confidentiality of that data is paramount.
As part of the SysTrust certification process, Veracode chose to implement
a system of checks and balances to provide governance for the program,
placing particular focus on critical areas including monitoring, compliance
and incident response, in order to ensure customer security and
confidentiality.
The SysTrust examination can be viewed at:
http://www.veracode.com/about-certifications.
The SysTrust certification augments Ernst & Young's attestation of
Veracode's managed service environment as a SAS 70 Type II compliant data
center. Together the two certifications underscore Veracode's commitment to
service delivery excellence and formal third-party certifications.
ABOUT VERACODE
Veracode is the industry's first
provider of automated, on-demand
application security solutions. Created by a world-class team of application security
experts, the company delivers services to identify software flaws
introduced through coding errors or malicious intent. Veracode's core
service, SecurityReview uses patented binary code analysis and dynamic web analysis that is
uniquely able to inspect entire application inventories, including
components, and does not require companies to expose their valuable source
code. Enterprises can now protect their intellectual property while
preventing attacks allowed by vulnerabilities in applications.
As the most accurate and comprehensive solution, Veracode makes it simple
and cost-effective to implement application security best practices and
reduce operational costs related to manual reviews. Whether a company is
developing applications internally, purchasing software or integrating code
from partners, Veracode's SecurityReview provides insight to the security
level of your applications. Outsourcing code analysis to Veracode is the
easiest way to secure your software. With a pragmatic approach to application security, Veracode
helps you fix what matters most to your business.
Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas
Venture and Polaris Venture Partners. www.veracode.com
Add to DiggBookmark with del.icio.usAdd to Newsvine
Contacts:
Kate Munro
Veracode, Inc.
781-425-6040 ext. 296 kmunro@veracode.com
Rachel Labas
Lois Paul & Partners
781.782.5787 rachel_labas@lpp.com
.gif)
