OUNCE LABS CHIEF SCIENTIST TO PRESENT AT SOFTWARE TEST & PERFORMANCE CONFERENCE

What:              
Ryan Berg, Chief Scientist for Ounce Labs, the industry leader in software risk analysis, will present a session titled ‘101 Models for Security Testing in the Software Development Life Cycle’ at the Spring 2008 Software Test & Performance Conference  in San Mateo, CA next week.

Session Overview:   
Improving software security is a valuable endeavor — but implementing application security programs that generate positive, measurable results has eluded many companies. Often there is a lack of security expertise among development teams and/or a lack of development expertise among security teams. There’s also a misconception that security reviews extend development schedules.

At the same time, centralized decisions must be made to define security policies, clearly outline vulnerability definitions, and prioritize remediation efforts according to available resources. Organizations need a concrete model for security evaluation and a comprehensive task list detailing the roles and responsibilities for each group involved.

Attendees will learn practical models that give security testing responsibility to developers, QA staff or security teams, while also explaining the specific requirements for each approach as well as expected outcomes.

Where:            
The conference is being held on April 15-17 at the San Mateo Mariott, San Mateo, CA.

When:              
Mr. Berg will present on Wednesday, April 16th at 10:00 a.m. PT.

Speaker:             
Ryan Berg is a Co-Founder and Chief Scientist for Ounce Labs. In addition to advancing the state of the art in application security technologies, Ryan is also a popular speaker, instructor, and author in the fields of security, risk management and secure development processes. He holds patents and has patents pending in multi-language security assessment, kernel-level security, intermediary security assessment language, and secure remote communication protocols.

About Ounce Labs, Inc.
Ounce Labs’ solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Ounce Labs’ software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues.

Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Air Force, the U.S. Government Accountability Office, Unisys and VeriSign.

Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. For more information, please visit www.ouncelabs.com.

Media Contacts:
Peter Crosby
Ounce Labs
781.547.7012
Peter.Crosby@ouncelabs.com
http://www.ouncelabs.com

Brenda Menard
Davies Murphy Group
+1.781.418.2435
ounce@daviesmurphy.com
http://www.daviesmurphy.com

Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Ounce 5, SmartTrace and SmartAudit are trademarks of Ounce Labs. Other product or service names mentioned herein are the trademarks of their respective owners.