FISMA News

Ounce Labs Joins PCI Security Vendor Alliance

(June 22, 2007)-- Ounce Labs, the industry leader in software risk analysis, announced that it has joined the PCI Security Vendor Alliance (SVA). Ounce is the only source code analysis vendor to join the alliance in support of the Payment Card Industry (PCI) Data Security Standard (DSS), a global benchmark intended to improve security throughout the entire payment card transaction process.

PCI SVA members, all of which offer strong experience in delivering PCI compliance solutions to thousands of customers, will leverage their combined knowledge to support the objectives of the PCI Security Standards Council -- securing sensitive data processed by merchant partners with best-of-breed PCI DSS solutions that address the needs of system integrators and business users.

"There are a variety of requirements within the PCI DSS which directly impact the software and information brokered between customers and vendors," said Dave Taylor, President of the PCI Security Vendor Alliance. "Ounce Labs' leadership in helping organizations target those areas is an important evolution in the practical application of new technology for upholding this critical responsibility."

As a member of the alliance, Ounce Labs will play an active role in facilitating a community of practitioners, vendors, and PCI experts via educational collateral, Webinars, and specialized subcommittees. Collectively, the members of the PCI SVA aim to ease the ever-increasing compliance concerns of PCI DSS by sharing best practice information and real world experience gained over decades of securing systems.

"The mission of PCI SVA is to help organizations that must achieve compliance with PCI DSS in their efforts to protect consumers' private information," said Hugh Scandrett, President and CEO of Ounce Labs. "Ounce is focused on reducing the risk that confidential information will be compromised by a security breach; by working together with other members, we are making progress to reduce the number of high profile data breaches and ultimately protect consumers' sensitive data."

Ounce enables organizations to reduce the potential for security breaches by making it possible to identify, prioritize and eliminate application vulnerabilities across their entire software portfolio. These often overlooked software vulnerabilities are what cyber-criminals use to gain access to customer data and other confidential business information.

With security related incidents on the rise, along with compliance requirements such as the PCI standard, organizations need to tightly integrate application security methods, tools, standards and best practices into their software development life cycles. Ounce serves as the catalyst for this kind of initiative by providing a cross-application enterprise-wide solution for eliminating existing security vulnerabilities and preventing future ones.

Ounce Labs solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Share or bookmarklet this web page at: