Ounce Labs

Ounce Labs (an IBM company) is a Waltham, Massachusetts-based security software vendor. The company was founded in 2002 and provides a product that analyzes software source code to identify security vulnerabilities in source code.^[1] The product is intended to help developers, quality assurance and security analysts locate and remediate software security vulnerabilities.^[2] The scans look for a range of vulnerabilities that leave an application open to attack. ^[3] The company's customers include GMAC, Lockheed Martin, and the U.S. Navy.

On July 28, 2009 IBM announced it acquired Ounce Labs for an undisclosed sum.^[4]

Platform support

Programming language support includes ASP.NET, C, C++, C# and other .NET languages, Java, JSP, VB.NET, classic ASP; Platform support for Windows, Solaris, and Linux.

References

1. "Ounce Labs Ounce 4". SC Magazine. August 1, 2007. http://www.scmagazineus.com/Ounce-Labs-Ounce-4/Review/1082/. 
2. "Application Vulnerability Assessment 2007". SC Magazine. August 1, 2007. http://www.scmagazineus.com/Application-vulnerability-assessment-2007/GroupTest/49/. 
3. "Closing Security Holes with Application Scanners". Enterprise Systems. July 17, 2007. http://www.esj.com/news/article.aspx?EditorialsID=2714. 
4. http://www-03.ibm.com/press/us/en/pressrelease/27971.wss

External links

Official website

• Company website
• Establishing Controls for Software Security Assurance, ITAudit, May 10, 2006 - Article by IT Auditor Charles H. LeGrand for the Institute of Internal Auditors