Community

Expand your Ounce knowledge by interacting with other Ounce customers and security practitioners. Discuss best practices for implementation and use. Share ideas with other Ounce customers and build even better solutions. Network with your peers at other companies and build a stronger application security community.

The Ounce Community Forum

join the ounce forum

The Ounce Community Forum is an open-dialogue environment where participants including customers, partners, security and or development specialists, IT pros, folks in other product companies, journalists, bloggers - or anyone with some curiosity about app sec - share questions, solutions, best practices and other resources. Start collaborating now.

Industry Collaboration

Ounce is a proponent of and a contributor to the open source and application security community. We work closely with the following organizations.

  • CWE

    CWE Logo

    CWE stands for Common Weakness Enumeration and is a site that houses a community-developed dictionary of software weakness types. CWE is built into the Ounce product so that immediate support and advice can be given to security practitioners in context of remediation efforts. The CWE/SANS Top 25 Most Dangerous Programming Errors describes not only the most common vulnerabilities, but also best practice guidelines for secure programming. Drawing on international security expertise, the Top 25 serves as guidance for organizations to avoid the programming errors that pose the greatest risk.

  • OWASP

    OWASP Logo

    The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. Broadly invoked as an industry best practice, the OWASP Top 10 details the most common web application vulnerabilities that affect our applications today. The Ounce SmartAudit report for the OWASP Top 10 allows organizations to rapidly identify these critical security flaws and prioritize them for remediation.

  • PCI

    PCI Logo

    The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

  • SANS

    SANS Logo

    The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. SANS is a trusted, comprehensive source for information security training and certification in the world.

  • AppSIC

    AppSIC Logo

    The Application Security Industry Consortium (AppSIC), Comprised of world-renowned industry technologists and leaders and it was formed to help establish and define cross-industry application security guidance and metrics.

Ounce Labs Employees

Andy Bochman

Director, Customer Advocacy

I’ve been with Ounce from the beginning and have had many roles as the company grew. Today, I am back to where I began, working with our clients as customer advocate. Turns out our customers have a lot to teach us - and I absolutely love learning from them!

Support

Customers, need specific product support? Visit our Support Portal.

Blog

Suitable Security, Ounce Co-Founder and CTO, Jack Danahy's blog.