BURLINGTON, Mass. -- Veracode Inc., provider of the industrys first on-demand application security review, today announced the formation of the Veracode Advisory Board, a panel of leading industry experts selected to guide the Companys solutions roadmap, organizational strategy and execution.
Consistent with its approach of acting as a trusted, independent security services provider and recognizing the importance of broad industry support behind developing more secure software, Veracode has assembled a group of executives with deep software development, information security and technology backgrounds.
The strength of the Advisory Board is evident in the pedigree of its members. While the board members will assist Veracode in all business functions, they will be focusing their time in one of three focus areas Business Strategy and Development, Technical Innovation, or Application Scoring and Responsible Disclosure.
Members of the Business Strategy and Development focus team include:
- John Schwarz, President and CEO, Business Objects
- Rhonda MacLean, CEO, MacLean Risk Partners
- Bret Hartman, CTO, RSA, The Security Division of EMC
- Mark Doll, SVP, Worldwide Services, Business Objects
- Maria Cirino, General Partner, .406 Ventures
- Steve Katz, President, Security Risk Solutions, LLC
- George Kassabgi, President and CEO, Bit9, Inc.
- Jordan A. Levy, Managing General Partner, Seed Capital Partners
- Ron Schreiber, Partner, Softbank Capital
- Len Couture, Director, Bluewolf Group
- Dr. Ajei S. Gopal, SVP and General Manager, Systems and Security Management, CA
Members of the Technical Innovation focus team include:
- Cristina Cifuentes, Senior Researcher, Sun Microsystems Labs
- Bob Suh, Chief Technology Strategist, Accenture
- Gerhard Eschelbeck, CTO and VP of Engineering, Webroot
- Eugene Kuznetsov, IBM/Founder and CEO, DataPower
- Tim Mather, former CSO, Symantec
- PJ Plauger, President, Dinkumware, Inc.
- Michael Smith, Professor of Computer Science and Electrical Engineering, Harvard University
Members on Application Scoring and Responsible Disclosure focus team include:
- Mary Ann Davidson, CSO, Oracle Corporation
- Dan Geer, VP and Chief Scientist, Verdasys, Inc.
"Veracodes on-demand security review service is a practical and cost-effective solution to assist enterprises, independent software vendors and outsourced development partners to raise the security level of their software," said John Schwarz, President and CEO of Business Objects. "By working with all participants in the software community, Veracode has demonstrated a commitment to responsible application scoring and vulnerability disclosure that is consistent across the software supply chain.
Launched in January 2007, Veracode satisfies an industry need for an automated, on-demand application security analysis service. Whether a company is purchasing or developing software, Veracode helps detect vulnerabilities that need to be fixed to improve the security of applications. Bringing together a group of advisors committed to overall higher standards for software security, Veracode is even better positioned to help enterprises identify and remediate security flaws in software that put businesses at risk.
The deployment of security technologies has always been a challenge for enterprises from a usability perspective, said Gerhard Eschelbeck, CTO of Webroot and former CTO of Qualys. Ease-of-use is increasingly a driving consideration for enterprises when selecting a security partner. Veracodes on-demand model is offering a compelling approach to software security, providing both quality and ease of implementation at the application layer.
Application security comprises a major part of a company's security posture. By 2009, 80 percent of companies will have suffered an application security incident, according to Gartner.*
After a data breach, organizations are forced to spend time and financial resources to regain shattered consumer trust. A damaged reputation can cost an organization via decreased brand value, reduced share price, lost customers and partners, broken strategic relationships and even difficulty in recruiting skilled employees. Reputation recovery can take several years and in some cases never occurs, making an investment in software quality assurance a business imperative for controlling operational risk.
Enterprises are now realizing that to truly protect their assets they must look beyond the perimeter and focus more clearly on the application itself," said Matthew Moynahan, President and CEO of Veracode, Inc. The formation of this group further confirms our view of how the security landscape is changing and organizations are shifting their focus to where the true operational risks are. Im looking forward to working with this elite group to not only grow Veracode as a business but to make it easier for participants across the software industry to better determine appropriate security quality for their business applications.