SOURCE: Ounce Labs

October 01, 2007 10:36 ET

Ounce Labs and Leading Independent Application Security Analyst Discuss How to Identify and Manage Software Risk

Webinar Highlights a Proactive Approach to Software Vulnerability Management

WALTHAM, MA--(Marketwire - October 1, 2007) - Ounce Labs, the industry leader in software risk management, today announced an upcoming Webinar featuring Forrester Research titled, "Forrester Speaks Out on Software Risk," which will offer participants information on identifying and managing the risk of enterprise applications.

As security breaches continue to top the news, managing enterprise-wide risk means identifying and managing security issues at their root cause, which requires businesses to focus on finding software vulnerabilities and fixing them before they become a liability. This growing trend towards managing the risk associated with software vulnerabilities offers a wide range of benefits to companies that are looking to implement more proactive efforts to manage enterprise risk and protect critical information.

Dr. Chenxi Wang, a leading application security expert and Principal Analyst with Forrester Research, will join Ounce Labs Chief Technology Officer and founder, Jack Danahy, to discuss how organizations can take a proactive approach to software vulnerability management. The Webinar will also feature real-life case studies of global organizations that are already implementing these strategies and leading the way in addressing the threat posed by vulnerable software.

"You can wait until someone exploits a vulnerability in your system and fix it, or you can proactively build security early on in your development process -- mitigating vulnerabilities before attackers find them," writes Dr. Wang in her August 2007 Forrester Research report titled "Managing Application Security from Beginning to End." The report states, "A proactive application security program should extend to every relevant phase of the application life cycle, from conception to operation."

Participants will learn how to:

--  Analyze and monitor software risk within their organizations
--  Develop business cases for application security initiatives
--  Build application security competency
--  Use the right tools, processes and people to effectively manage software risk

"Many of our customers are engaged in on-going efforts to prevent the types of targeted application-level exploits that underlie the new wave of high-profile data and identity theft activity," said Ounce Labs CTO Jack Danahy. "The time for proactive strategies for addressing vulnerable source code is now, and it is important to share what we are learning."

The Webinar will take place on Thursday, October 4th at 2:00 p.m. EDT. Visit:

Speaker Information:

Dr. Chenxi Wang, a leading analyst on application security, has helped countless organizations become proactive about their software vulnerability management. She is a member of Forrester's Security and Risk Management research team. Her primary coverage areas include content security, application security, and vulnerability management.

Jack Danahy is founder and chief technology officer of Ounce Labs as well as one of the industry's most prominent advocates for software security assurance. Prior to Ounce Labs, he founded Qiave Technologies, a pioneer in kernel-level security that was acquired by WatchGuard Technologies in October of 2000. He holds patents or has patents pending in kernel security, secure remote communications, systems management and distributed computing.

About Ounce Labs, Inc.

Ounce Labs' solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Ounce Labs' software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues.

Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, IBM, Intel, Lockheed Martin, GMAC, Eos Airlines, the U.S. Air Force, the U.S. Government Accountability Office, Unisys and Verisign.

Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. and Europe. For more information, please visit
