Veracode has launched an application intelligence service to provide code-level insight into the security of software.
Following claims made by CEO Matt Moynahan that smartphone applications could possibly contain malware, the company has introduced Veracode SecurityInsights to enable current Veracode SecurityReview users to compare their software portfolio against the aggregated security quality benchmarks from applications in their industry, programming language, third-party supplier and type of application.
According to the company, the information in SecurityInsights comprises of anonymised application security data from billions of lines of code and thousands of applications that have been submitted to Veracode for static, dynamic, and manual security testing.
Moynahan, said: “Veracode SecurityInsights was designed to make it easier for our customers to solidify their software infrastructure before they are attacked or fall victim to a zero-day application vulnerability.
“Because Veracode's application intelligence from our cloud-based service is as dynamic as the threat environment itself, no enterprise or on-premise tool can provide this level of comprehensive analysis that users can immediately turn into business decision-making intelligence.
“Rather than merely responding to breaches and threats, executives now have what it takes to make proactive, enforceable decisions on the level of acceptable application security quality before the attack takes place.”