Ounce in the News


Holding ISVs to a Higher Security Standard

February 5, 2008 SD Times

Summary
A refund or replacement does not work for software with security vulnerabilities. It could take months for an independent software vendor (ISV) to fix poorly constructed code. Jack Danahy, founder and CTO of Ounce Labs, the leading code analysis tool maker, finds it hard to blame ISVs' code as the root cause of security flaws. Yet commercial software developers should be held to a higher security standard through more pressure, competition, and requirements to show evidence of software assurance.

Read the full article at SD Times.
