Veracode simplifies security policy management for enterprises with mobile apps


The consumerization of IT can bring new workforce
efficiencies, as well as potentially devastating enterprise security and
compliance risks. As organizations grapple with the new era of mobile device
management, a one-size-fits-all approach to application security policy
management and compliance isn’t sufficient.


Veracode, a
provider of the cloud-based application risk management platform, announced a
more effective approach with the launch of its new Veracode Policy Manager.


Veracode Policy Manager allows enterprises to move rapidly from ad-hoc testing to proven and
enforceable security programs and policies for their entire software
application portfolio, including mobile.


Veracode currently provides application security
verification across primary mobile platforms – RIM’s BlackBerry operating
system (OS), Windows Mobile, Google’s Android OS and Apple iOS.


A cloud-based service, Veracode Policy Manager provides
CISOs with a dashboard that offers a centralized view of their portfolio of
internal and third-party applications with details on how each application is
performing from a policy perspective.


Veracode Policy Manager’s easy-to-use interface offers
specific compliance requirement tracking capabilities and enables users to tick
through a series of best practice-based or customizable drop-down menus that identify
appropriate security policy options, including recommended remediation times
based on the criticality of the flaw, criticality of the application and
established CISO requirements.


Mobile adoption and related application vulnerabilities
are pushing organizations to think more seriously about software security. The
reality is that mobile apps are no different from other enterprise apps from a
security policy perspective,”said Maria Cirino, chairperson, Veracode Board of
Directors, and managing director, .406 Ventures.


“However, many organizations, even those that are serious
about application risk management, are still questioning what those security
policies should be, and how to enforce and report on them,” Cirino added.


By Team
[email protected]