May 27, 2004

Cnet on tools for secure software development

The market for quality assurance software development tools is huge. Performance, functionality testing, and more are at least a billion and probably more. (I could look it up, but...) However, the same market for security specific QA tools is miniscule in comparison.

Cnet has a decent article on the current state of the market for products that test for vulnerabilities in source code and binaries. Note: the article focuses on a few tools, but misses a some of the companies competing in and around the segment - most of whom have a least a tool or two to assist in secure app development.

A more complete list includes:
- @stake
- Aspect Security
- Application Security Inc
- Cenzic
- Cigital
- Core Security Tech
- Foundstone - aquired by McAfee
- Immunity
- Kavado
- Magnafire - aquired by F5
- Metasploit
- Sabre Security
- Sanctum Inc
- Spi Dynamics
- Secure Software
- OWASP The Open Web Application Security Project

I'm sure I have left a few out, let me know who else should be added to this list. It's been a while since I was tracking this sector with any energy. Two companies conspicuously absent from this list:
- Rational Software (Now owned by IBM)
- Mercury

Posted by Abner on May 27, 2004 11:54 AM
Comments ARE BROKEN Send email instead - Thanks!

Recent Entries
iPhone's SIM Locks: Hardware vs. Software vs. Lawyers
Even (or especially) contests could use a security review
Vendors Responses: Voting Machines and the Pwnie Awards
Dude "Security Rocks"
iPhone Wi-Fi Vulnerability
Harry Potter Security
iPhone Hacking & Fustrations
Let the iPhone Hacking Begin
Geer heads to Washington, Again
This Just In: DRM still doesn't work
Phishing meets Internet Advertising
How long to unlock the iPhone Operating System?
Predictive Markets For Politics
The Irony of Phone Security Google Ads
Why Biometric Fingerprint Readers Are A Waste
How to Blag an Interview
Yet another Boston marketing flub
MAC vs. Vista Security
The latest in physical security
Data Loss Archive
Guerrilla Marketing Backfires in Boston
NY Times on the "Market" For Software Vulnerabilities
Not marketing security, marketing *during* security