The Conferencing Zone

Conferencing Industry News Article


TMCNet:  Veracode Warns Enterprises that SOUP is a Recipe for Disaster

[January 16, 2013]

Veracode Warns Enterprises that SOUP is a Recipe for Disaster

BURLINGTON, Mass. --(Business Wire)--

Veracode, Inc., the leader in cloud-based application security testing, warns enterprises that serving up Software of Unknown Pedigree, or S.O.U.P, can lead to some major indigestion for the organization, with side effects including customer data loss, gaps in defense against hackers, and even corporate intellectual property theft. With use of vendor supplied software growing exponentially, it's important enterprises not let this SOUP go untested.

Despite the fact that enterprises are lapping up more SOUP than ever, 84 percent haven't tested any of their vendor supplied applications. If they did, they might be surprised to learn that 80 percent of customer support applications, 76 percent of security applications and 59 percent of financial applications fail to comply with enterprise security policies, leaving data vulnerable.

"The amount of risk these organizations are assuming by deploying untested SOUP is unsettling, but also unnecessary," said Chris Eng, vice president of research, Veracode. "Maintaining a healthy application security program can minimize risk and keep things running smoothly."

The good news is that enterprises are beginning to recognize and address these risks. In a new infographic released this week, Veracode illustrates the recent trend in organizations saying no to SOUP and starting to test their vendor-supplied applications. A recent study by Veracode found 21 percent of financial services organizations tested its vendor-supplied software for flaws in the application code. Additionally, the software and IT services industry and the technology industry are upping their SOUP testing numbers, with 14 percent of each industry inspecting its outsourced software. Those enterprises with a programmatic approach to software testing have seen 52 percent of their applications achieve compliance.

Veracode recommends developing a prorammatic approach to vendor software security testing and suggests making sure that above all, these security policies are communicated throughout the organization. Vendors should be held to the same security criteria as in-house developers to ensure the entire organization is approaching security with the same goal.


"Global Enterprises Serve Up Risky S.O.U.P.," infographic is available for download from the Veracode site. Interested parties have permission to embed and share the infographic on their websites or blogs with attribution.

About Veracode

Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter (News - Alert): @Veracode or read the Veracode Blog.


[ Back To Homepage ]

Featured Whitepaper

Basic Principles of Audio
Design in Conferencing

Basic Principles of Audio Design in Conferencing

The challenging duty of the sales person, engineer, or consultant, is to use scientific knowledge and previous practice to try to create a pleasant experience for all end users.

Featured Podcast

How often have you had a teleconference where—because of audio-related issues—you had difficulty in conducting an important meeting? Or in some cases, not even being able to make a clear connection at all? Curtiss Singleton, Director of Sales for the Americas at Revolabs, Inc., discusses conferencing solutions that not only provide unmatched audio quality, but ones that also “cut the cord”—giving you the freedom to move around the workspace. Doug Green, Publisher of Telecom Reseller, speaks with JP Carney, President and CEO of Revolabs, about the company, the importance of audio quality in UC, the compatibility of their products with various UC platforms, and their acquisition by Yamaha after one year. They discuss how clear audio for teleconferencing is the core element of true collaboration.

Featured Blog