Ounce Updates Security Source Code Analyzer

Version 6 features Oracle integration, automated developer triage, and collaboration capabilities

Earlier this month, Ounce Labs launched Ounce 6, the latest release of its security source code analysis product. Among its other new features, version 6 now includes integration with the Oracle database.

Ounce 6 was designed to give enterprises "fully automated triage workflow" capabilities, the company said in a press release. It features an automated developer triage, which automatically sends flaws to developers' IDEs, reducing the impact of false-positives and allowing developers to plug vulnerabilities more quickly. The product also includes a "team triage" capability, allowing for wide-scale collaboration and the ability to track changes and "merge results."

Other improvements include an expanded knowledgebase, enhancements to scanning capabilities, SlickEdit integration, and an overall performance improvement of 300 percent. "As software applications continue to grow in complexity and size with multi-tier layers that are developed by geographically distributed workgroups or by offshore developers, the likelihood of flaws and exploitable vulnerabilities increases," said Ounce Labs president and CEO Hugh Scandrett in a prepared statement.

"Thousands of Ounce users at customers including 50 percent of the Fortune Top 20 will benefit from these new enterprise capabilities that drive the elimination of business-critical software vulnerabilities across a broad portfolio of applications."

For more information, go to http://www.ouncelabs.com.

About the Author

Gladys Rama is the senior site producer for Redmondmag.com, RCPmag.com and MCPmag.com.