SOURCE: Ounce Labs

November 06, 2007 10:57 ET

Ounce Labs Provides Application Security Expertise to Governance and Compliance Community

Industry Leading Software Risk Analysis Vendor to Participate at ISACA's IT Governance and Compliance Conference

WALTHAM, MA--(Marketwire - November 6, 2007) - Ounce Labs™, the industry leader in software risk analysis, today announced that it will be participating in the upcoming ISACA IT Governance and Compliance Conference taking place in Boston on November 14 - 16, 2007 at the Hyatt Regency in Boston, Mass. The conference is designed to create an environment for attendees where information, experience, skills and knowledge are exchanged to establish a baseline and identify best practices for IT governance.

Ounce will be demonstrating its industry leading software risk analysis solution, Ounce 5, which includes recently added functionality designed to enable compliance with the Payment Card Industry (PCI) Data Security Standard, the Open Web Application Security Project (OWASP) Top 10 2007 and mapping to the Common Weakness Enumeration (CWE) vulnerability database.

Ounce 5 enables organizations to radically reduce the potential for security breaches by making it possible to identify, prioritize and eliminate application vulnerabilities across their entire software portfolio. These often-overlooked software vulnerabilities are what cyber-criminals use to gain access to customer data and other confidential business information.

"Compliance regulations and IT governance initiatives provide organizations with a measurable blueprint for network and data security," said Claudia Dent, Senior Vice President of Product Management. "Industry events like ISACA's IT Governance and Compliance Conference help attendees to further understand why discovering and remediation of application vulnerabilities needs to be among their company's security and governance best practices."

About Ounce Labs, Inc.

Ounce Labs' solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Ounce Labs' software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues.

Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, IBM, Intel, Lockheed Martin, GMAC, Eos Airlines, the U.S. Government Accountability Office, Unisys and Verisign.

Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. and Europe. For more information, please visit

Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Ounce 5, SmartTrace and SmartAudit are trademarks of Ounce Labs. Other product or service names mentioned herein are the trademarks of their respective owners.

Contact Information