SOURCE: Ounce Labs

January 03, 2008 10:06 ET

2007 Marks Record Year for Ounce Labs

Customer Demand for the Company's Source Code Analysis Solution Drives Eighth Consecutive Quarter of Record Sales

WALTHAM, MA--(Marketwire - January 3, 2008) - Ounce Labs™, the industry leader in software risk analysis, today announced record sales and revenue for 2007 resulting from continued enterprise customer adoption of its application security solution. The company reported that Q4 2007 was the eighth consecutive quarter of record sales and this quarterly growth has contributed to 300 percent revenue growth for all of 2007. New customer demand and continual increases in existing customer sales to expand their use of Ounce's source code analysis solution by new teams or divisions has contributed to Ounce's overall success in 2007.

"As our 2007 sales and growth reflects, application security is being recognized by organizations as a top security issue. Leading organizations from diverse industries are deploying our solutions to address this key issue and to increase the security of their applications," said Hugh Scandrett, CEO of Ounce Labs. "Many of our customers became repeat customers last year simply because our solution is providing significant value through unsurpassed workflow automation and usable business-level information for every security stakeholder in the organization."

Ounce Labs' exceptional growth and continuing momentum is mirrored by the growing awareness that application security is of critical importance to organizations concerned with data privacy and operational integrity. Governmental and industry regulatory compliance mandates and growing pressure to secure personal and financial data is escalating application security to a top-level enterprise priority. As a result, industry analysts are increasingly recommending that organizations implement application security into the application life cycle.

"You can wait until someone exploits vulnerability in your system and fix it, or you can proactively build security early on in your development process -- mitigating vulnerabilities before attackers find them," says Dr. Chenxi Wang in her Forrester Research report titled "Managing Application Security from Beginning to End." The report states, "A proactive application security program should extend to every relevant phase of the application life cycle, from conception to operation."

Released in 2007, Ounce 5.0 is the most advanced enterprise-focused source code analysis solution available on the market today that enables organizations to comply with stringent regulations including the Payment Card Industry Data Security Standard (PCI DSS). Ounce 5.0 helps organizations to reduce the potential for security breaches by making it possible to identify, prioritize and eliminate application vulnerabilities across their entire software portfolio.

2007 highlights include:

--  Product leadership. In 2007 the company launched Ounce 5.0, which
    includes new enterprise-focused features designed to support critical
    business issues, including compliance with the Payment Card Industry (PCI)
    Data Security Standard, the Open Web Application Security Project (OWASP)
    Top 10 2007 and mapping to the Common Weakness Enumeration (CWE)
    vulnerability database.
--  Corporate and product recognition. For the second consecutive year
    Ounce Labs was named as the leader in the Security category by SD Times
    Magazine. In addition, two leading IT trade magazines (Network Computing
    and SC Magazine) published positive reviews of the product with SC Magazine
    awarding the Ounce solution a 5-star rating.
--  Expanded expertise and new international presence. During the year,
    Ounce opened a new international headquarters in London, added one of the
    world's foremost application security consultants, Dinis Cruz as its new
    director of advanced technology and formed an Advanced Research Team (ART),
    a group of leading security experts dedicated to raising the awareness of
    software security and the development of best practices for incorporating
    application security into the software development lifecycle.

About Ounce Labs, Inc.

Ounce Labs' solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Ounce Labs' software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues. Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, IBM, Intel, Lockheed Martin, GMAC, Eos Airlines, the U.S. Government Accountability Office, Unisys and Verisign.

Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. and Europe. For more information, please visit

Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Ounce 5, SmartTrace and SmartAudit are trademarks of Ounce Labs. Other product or service names mentioned herein are the trademarks of their respective owners.

Contact Information