WASHINGTON -- Ounce Labs, the industry leader in software risk analysis, today announced the availability of Ounce 5.0, with new enterprise-focused features designed to support critical business issues, including compliance with the Payment Card Industry (PCI) Data Security Standard, the Open Web Application Security Project (OWASP) Top 10 2007 and mapping to the Common Weakness Enumeration (CWE) vulnerability database. These and other enterprise-level enhancements in Ounce 5.0 enable organizations to radically reduce the potential for security breaches by making it possible to identify, prioritize and eliminate application vulnerabilities across their entire software portfolio. These often-overlooked software vulnerabilities are what cyber-criminals use to gain access to customer data and other confidential business information.
Ounce 5.0 is the first solution to support both the Privacy (Requirement 3) and Security (Requirement 6) sections of the PCI standard, which requires the protection of customer credit card information and the security assessment of software applications across retail, financial services and other industries.
"The objectives of the newly formed PCI Security Vendor Alliance are to educate the community about the technology available to help merchants address emerging threats and find ways to apply the standard more efficiently within their business as part of their efforts to achieve compliance with the PCI Data Security Standard," said David Taylor, President of the PCI Council. "Ounce Labs helps merchants achieve compliance by enabling them to review all custom application code for common vulnerabilities, which will become a PCI DSS requirement on June 30, 2008."