Welcome!

Microservices Expo Authors: Elizabeth White, Pat Romanski, Liz McMillan, Harry Trott, Mamoon Yunus

News Feed Item

IDG's InfoWorld Names Chris Wysopal of Veracode One of InfoWorld's Top 25 CTOs for 2008

IDG's InfoWorld Names Chris Wysopal of Veracode One of InfoWorld's Top 25 CTOs for 2008

BURLINGTON, Mass., June 4 /PRNewswire/ -- Veracode Inc., the world's leader for on-demand application security testing solutions, announced today that IDG's InfoWorld, the leading integrated media brand for IT decision makers, has named Veracode CTO Chris Wysopal as one of InfoWorld's Top 25 Chief Technology Officers for 2008.

Every year since 2001, InfoWorld has honored senior IT executives who have demonstrated leadership within their companies and in the IT community. The InfoWorld CTO 25 feature story, including reporting and analysis, appears online at http://www.infoworld.com/5265.

"This year's honorees showed how a savvy CTO can make a huge difference in leading their business to success, whether in creating a world-class product or making a critical business priority happen the right way," said Galen Gruman, executive editor of InfoWorld. "We were struck by how the best CTOs combined solid, strategic technology thinking with management prowess to make their successes happen."

Chris directly oversees Veracode's security research group, but his responsibilities go beyond just research. He is responsible for defining and measuring the accuracy of Veracode's software security analysis, which is based on two important technologies -- automated security testing and binary code analysis -- he helped develop while working in previous positions.

"Since Veracode was launched just over a year ago, Chris has been instrumental in helping shape the company into the leader in on-demand application security testing solutions," said Matt Moynahan, Veracode CEO. "Years before co-founding Veracode, Chris had been setting the groundwork for the innovation of binary analysis. Thanks to his work, this technology has come to fruition and is now seen as invaluable for application security."

Veracode is the only company that allows for a final security audit before software ships or is deployed, because it looks at the code the same way a machine might execute it or a hacker would attack it. This is only possible with a technology based on binary analysis.

Scanning binary code allows organizations to inspect the entire application, including components without source code. This enables deeper analysis of the application across all code including third-party libraries and their interactions (e.g.; inter-procedural analysis), and as a result, security insight across 100 percent of the application.

About InfoWorld Media Group

InfoWorld Media Group helps IT Decision Makers choose the right technology, within the context of a cohesive strategy for business impact at their organizations. InfoWorld identifies and promotes emerging technology segments that add unique value for the organizations that implement them, as well as the vendors that provide those solutions. Using an integrated communications approach including online, events, research, and a continued investment in an independent Test Center, InfoWorld analysts and editors provide hands-on analysis and evaluation, as well as expert commentary on issues surrounding emerging technologies and products. Visit InfoWorld at http://www.infoworld.com/.

About International Data Group

International Data Group (IDG) is the world's leading technology media, events, and research company. IDG's online network includes more than 450 web sites spanning business technology, consumer technology, digital entertainment and video games worldwide. IDG also publishes more than 300 magazines and newspapers in 85 countries. IDG's media brands include CIO, CSO, Computerworld, GamePro, InfoWorld, Macworld, Network World, and PC World. IDG's lead-generation service, IDG Connect, matches technology companies with an audience of engaged, high-quality IT professionals, influencers, and decision makers.

IDG is a leading producer of more than 750 technology-related events including Macworld Conference & Expo, LinuxWorld Conference & Expo, Entertainment for All Expo (E for All), DEMO, Storage Networking World, and IDC Directions. IDC, a subsidiary of IDG, is the premier global provider of market intelligence, advisory services, and events. Over 900 IDC analysts in more than 90 countries provide global, regional, and local expertise on technology and industry opportunities and trends.

Additional information about IDG, a privately held company, is available at http://www.idg.com/.

About Veracode

Veracode is the world's leader for on-demand application security testing solutions. Veracode SecurityReview is the industry's first solution to use patented binary code analysis and dynamic web analysis to uniquely assess any application security threats including vulnerabilities and malicious code. SecurityReview performs the only complete and independent security audit across any internally developed applications, third-party commercial off-the- shelf software and offshore code without exposing a company's source code. Delivered as an on-demand service, Veracode delivers the simplest and most- cost effective way to implement security best practices, reduce operational cost and achieve compliance without requiring any hardware, software or training.

Veracode has established a position as the market visionary and leader with awards that include recognition as a Gartner 'Cool Vendor' 2008, Info Security Product Guide's "Tomorrow's Technology Today Award 2008," Information Security's "Readers' Choice Award 2008," AlwaysOn Northeast's "Top 100 Private Company 2008," NetworkWorld "Top 10 Security Company to Watch 2007," and Dark Reading's "Top 10 Hot Security Startups 2007."

Based in Burlington, Mass., Veracode is backed by .406 Ventures, Atlas Venture and Polaris Venture Partners. For more information, visit http://www.veracode.com/.

Veracode Inc.

CONTACT: Danny Begonia of Lois Paul & Partners, +1-512-638-5317,
[email protected]

Web site: http://www.veracode.com/
http://www.infoworld.com/
http://www.idg.com/

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@MicroservicesExpo Stories
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
With Cloud Foundry you can easily deploy and use apps utilizing websocket technology, but not everybody realizes that scaling them out is not that trivial. In his session at 21st Cloud Expo, Roman Swoszowski, CTO and VP, Cloud Foundry Services, at Grape Up, will show you an example of how to deal with this issue. He will demonstrate a cloud-native Spring Boot app running in Cloud Foundry and communicating with clients over websocket protocol that can be easily scaled horizontally and coordinate...
Most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes a lot of work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost ...
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.
IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
Web services have taken the development world by storm, especially in recent years as they've become more and more widely adopted. There are naturally many reasons for this, but first, let's understand what exactly a web service is. The World Wide Web Consortium (W3C) defines "web of services" as "message-based design frequently found on the Web and in enterprise software". Basically, a web service is a method of sending a message between two devices through a network. In practical terms, this ...
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...