Veracode Offers Sample RFP to Guide Application Security Partner Selection Free Tool Provides Comprehensive Question Set for Organizations Working to Engage with the Right Vendor in Order to Minimize Risk and Improve the Security Posture of Their Software Portfolio BURLINGTON, Mass. – October 5, 2011 – Veracode, Inc., provider of the world’s only independent, cloud-based application risk management platform, today announced the availability of a sample RFP question set to assist organizations in their application security scanning technology selection.Developed for enterprise IT managers, risk management, CISOs or anyone with responsibility for application security within an enterprise, the free tool serves as a guide for developing and writing a comprehensive RFP to ensure that the right questions are asked during the decision-making process. “Today’s applications control access to financial data, public service infrastructure, patient health records, personal information on mobile devices and more -- making software applications the enterprise’s new perimeter,” explained Fergal Glynn, director, corporate marketing for Veracode. “As a result, selecting the right application scanning technology is an important strategic decision for any organization looking to verify the security state of applications they build or buy.We developed this sample RFP to provide the questions every enterprise should ask to ensure that they select the best solution for securing their software infrastructure.” Because of increasingly complex threat space trends and new deployment platforms, including mobile, application security continues to be an evolving area.Organizations that have decided to step up to these enhanced attack trends can benefit from using Veracode’s sample RFP to put in place comprehensive application security or application risk management programs. These programs seek to instill application security best practices across the entire organization application portfolio, whether the software is developed in-house or delivered from an external source such as an outsourced, open source project or traditional software vendor. The guide includes questions that should be answered by each enterprise prior to beginning the search for an application security scanning technology, including assessing resources, skill sets and testing processes.Vendor-specific requests range from inquires about the general solution, application developer support and eLearning questions to reporting, licensing and integration into application development environments. To download Veracode’s sample RFP question set for free, please register here: http://www.veracode.com/case-studies/sample-application-security-rfp.html About Veracode Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide including Global 2000 brands such as Barclays PLC and Computershare as well as the California Public Employees’ Retirement System (CalPERS) and the Federal Aviation Administration (FAA). For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the ZeroDay Labs blog. ### Copyright © 2011 Veracode, Inc. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders. Media Contacts: Kate Thermansen fama PR phone: +1 617-986-5006 email: veracode@famapr.com