Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Pretty much. Hp /spi has integrations as well but I don't recall devinspect ever being a big hit. Veracode does both as well as static binary but as asaas model. Watchfire had a RAD integration as well iirc but it clearly must not haved had the share ounce does. -Original Message- From: Prasad Shenoy prasad.she...@gmail.com Sent: July 28, 2009 12:22 PM To: Kenneth Van Wyk k...@krvw.com Cc: Secure Coding SC-L@securecoding.org Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc. Wow indeed. Does that makes IBM the only vendor to offer both Static and Dynamic software security testing/analysis capabilities? Thanks Regards, Prasad N. Shenoy On Tue, Jul 28, 2009 at 10:19 AM, Kenneth Van Wykk...@krvw.com wrote: Wow, big acquisition news in the static code analysis space announced today: http://news.prnewswire.com/DisplayReleaseContent.aspx?ACCT=104STORY=/www/story/07-28-2009/0005067166EDATE= Cheers, Ken - Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com (This email is digitally signed with a free x.509 certificate from CAcert. If you're unable to verify the signature, try getting their root CA certificate at http://www.cacert.org -- for free.) ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___
Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Ah sorry didn't mean to leave you out Tom. -Original Message- From: Tom Brennan t...@owasp.org Sent: July 28, 2009 1:24 PM To: Matt Fisher m...@piscis-security.com; sc-l-boun...@securecoding.org sc-l-boun...@securecoding.org; Prasad Shenoy prasad.she...@gmail.com; Kenneth Van Wyk k...@krvw.com Cc: Secure Coding SC-L@securecoding.org Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc. Fortify (www.fortify.com) has Partnered with WhiteHat Security (www.whitehatsec.com) too Tom Brennan Board Member - OWASP Foundation Url: www.owasp.org | Tel: 973-202-0122 http://www.linkedin.com/in/tombrennan -Original Message- From: Matt Fisher m...@piscis-security.com Date: Tue, 28 Jul 2009 11:29:30 To: Prasad Shenoyprasad.she...@gmail.com; Kenneth Van Wykk...@krvw.com Cc: Secure CodingSC-L@securecoding.org Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc. Pretty much. Hp /spi has integrations as well but I don't recall devinspect ever being a big hit. Veracode does both as well as static binary but as asaas model. Watchfire had a RAD integration as well iirc but it clearly must not haved had the share ounce does. -Original Message- From: Prasad Shenoy prasad.she...@gmail.com Sent: July 28, 2009 12:22 PM To: Kenneth Van Wyk k...@krvw.com Cc: Secure Coding SC-L@securecoding.org Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc. Wow indeed. Does that makes IBM the only vendor to offer both Static and Dynamic software security testing/analysis capabilities? Thanks Regards, Prasad N. Shenoy On Tue, Jul 28, 2009 at 10:19 AM, Kenneth Van Wykk...@krvw.com wrote: Wow, big acquisition news in the static code analysis space announced today: http://news.prnewswire.com/DisplayReleaseContent.aspx?ACCT=104STORY=/www/story/07-28-2009/0005067166EDATE= Cheers, Ken - Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com (This email is digitally signed with a free x.509 certificate from CAcert. If you're unable to verify the signature, try getting their root CA certificate at http://www.cacert.org -- for free.) ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___
Re: [SC-L] InformIT: Twitter Security
Thought I'd throw this out there in case you hadn't heard already: http://www.fcw.com/Articles/2009/04/10/Web-Facebook-GSA.aspx . It's starting to affect me real-world already. those of us in the DC area, ramp up your incident response rates now, cause you know it's coming and you know it's going to be good. -matt. -Original Message- From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On Behalf Of Gunnar Peterson Sent: Tuesday, May 19, 2009 5:43 PM To: Gary McGraw Cc: Secure Code Mailing List Subject: hi gary one other interesting note on twitter security that i am retweeting from @cykyc @focalintent: you put your SSN in number-dash format, twitter automatically obfuscates it to XXX-XX-! Now we just need fortune 500 to run twitter instead of ERP, CRM, etc. -gunnar On May 15, 2009, at 7:42 AM, Gary McGraw wrote: hi sc-l, It was inevitable---an article about Twitter Security. If my latest column were a tweet, it wouldn't have much content. You can be the judge about whether a longer form does: http://www.informit.com/articles/article.aspx?p=1350268 As always, your feedback is welcome. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com ) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___