Ounce 5

Ounce Source Code Analyser is an automated security code review suite. It is as effective as manual code reviews, if not more so, at a fraction of the time and cost. Its function is to report on vulnerabilities in application source code, allowing the security team to see at a glance the number of vulnerabilities. It then prioritises findings according to their risk, accelerating remediation work. This tool is perfect for large organizations committed to building security into the Software Development Lifecycle (SDLC).

Ounce will pick up issues such as unvalidated inputs, sockets left open, or stack traces being revealed. Well-known vulnerabilities that will be discovered early in the SDLC include cross-site scripting, SQL injection, denial of service (DoS) and cryptographic vulnerabilities. It also allows new custom patterns and rules to be added to the knowledgebase for future scans.

Languages that are already supported include C, C++, C#, Java, JSP, ASP.NET and VB.NET, and developer plug-ins allow effective implementation within Visual Studio 2003 and 2005, Eclipse 3.1 and 3.2, or Rational Application Developer V6.0 and 7.0.

Pricing for this tool depends on the components required and the number of users who use the tool, not the number of developers you have or the number of lines of code needing to be analysed.