OUNCE LABS INTRODUCES FOUR NEW PLUG-INS TO EXPAND REACH IN THE SOFTWARE DEVELOPMENT LIFECYCLE

Additional Developer Plug-in Integration, Expanded Knowledgebase and Added Platform Support Featured in New Release of Leading Source Code Vulnerability Analysis Solution

Waltham, MA, December 12, 2006 – Ounce Labs, the leader in software security assurance, today announced the availability of Ounce 4.1, a significant update to the source code vulnerability analysis solution.  Building on the acceptance of Ounce 4 by development organizations, the update extends the capabilities of the Ounce solution to additional developer desktops and computing environments, as well as a significantly expanded knowledgebase and additional platform support. 

Ounce 4.1 advances Ounce’s integration even further into the software development lifecycle with the announcement of four new plug-ins, making its industry-leading source code analysis technology available to organizations using some of the most common development environments.  Ounce Developer Plug-ins are newly available for the following environments:

• Eclipse 3.2
• Visual Studio 2003
• IBM Rational Application Developer (RAD) 6
• IBM Rational Application Developer (RAD) 7

By continuing to offer the Ounce Developer Plug-in licenses for free, Ounce allows organizations to maximize the impact of their security efforts by granting unlimited personnel access to assessment results, vulnerability descriptions, and remediation advice. 

“Application security analysis tools should enable the development organization to develop code that is secure from the beginning,” said Joseph Feiman, Research Vice President for Gartner.  “The tools should bring secure coding principles directly to the developer’s desktop to ensure that security is not an isolated activity but part of a comprehensive application engineering process throughout the enterprise.”

Ounce 4.1 also includes significant expansions to its software security knowledgebase, adding new and enhanced rules across multiple languages. The Ounce Security Knowledgebase is the largest and most comprehensive in the industry, utilizing more than 100,000 rules to rigorously analyze software for the coding errors and design flaws that cause the greatest risk to the organization. Additionally, Ounce 4.1 provides expanded platform support for Solaris 9.

“With Ounce 4.1, we have expanded our commitment to security throughout the development lifecycle by bringing our industry-leading source code analysis tool to such widely-used development environments as Visual Studio 2003 and IBM RAD 6 and 7.” said Hugh Scandrett, CEO of Ounce Labs.  “The wide adoption of Ounce 4 proves our customers’ confidence in the accuracy of our analysis, and their intent to make that analysis available to developers throughout their organization.”

Ounce 4.1 is currently available.

About Ounce Labs, Inc.
Ounce Labs™, the leader in software security assurance, delivers products that enable customers to manage software risk in applications across the enterprise, traceable down to individual lines of code. The Ounce solution features patents-pending source code analysis technology, which scans source code to pinpoint programming errors, design flaws, and policy violations. Ounce offers the most accurate and complete software vulnerability results, the fastest time-to-results, the only complete application portfolio management, and the greatest deployment flexibility. Customers using the Ounce software security solution include leading organizations in financial services, telecommunications, software development, government, and other industries focused on protecting data, reducing software vulnerabilities, and complying with industry regulations. Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. For more information, please visit www.ouncelabs.com.

###

CONTACT:
Ounce Labs
Jake Messier
781.547.7031 (o)
774-368-0094 (m)
jake.messier@ouncelabs.com