Ounce Labs Ounce 4

The Ounce Labs offering is a software-based solution, which isactually a CASE (computer aided software engineering) utility. Ounce 4works by reviewing code for any application to scan for securityvulnerabilities before the code is posted to a development orproduction server. This type of utility is routinely mentioned in thePCI-DSS compliance document and should be included in anyorganization’s system development life cycle.

The utility ships with a demo data CD that allows the tester toreview non-production code to get a feel for the application and thefunction. This feature was well received in the lab and made for astronger feeling of understanding before a tester would evaluateproduction data. The dashboard for the application was straightforwardto use with panes logically laid out. The utility includes the abilityto compare sets of codes and show the differences, and also the abilityto triage coding errors, as well as the ability to repair the error andscan again. Results can be published to a web server or reports can begenerated.

The installation of Ounce 4 was as straightforward as possible. Afew clicks of "next" and a quick browse to the license file and theinstallation work was finished. The install did take some time tocomplete because of the large amount of data being installed. Helperapplications and language kits were installed behind the scenes andtransparent to the user installing the product.

Ounce 4 arrived with a guide for the initial installation and use ofthe product in hard copy. Several PDF documents accompany theinstallation files on the install CD. The PDF files are indexed andsearchable to make finding whatever is needed faster.

Support is offered through phone and a detailed web portal, whichallows for the opening of tickets, feature requests and a knowledgebase. Phone support is offered during business hours.

The pricing for Ounce 4 starts at $1,500 for an annual license, and$2,750 for a perpetual license. This prices Ounce 4 at the low end ofthe price spectrum.

Product title
Ounce Labs Ounce 4
Product info
Name: Ounce 4 Description: Price: starts at $1,500 (annual license), $2,750 (perpetual license)
Reviews code for security vulnerabilities.
Designed more for programmers than security personnel because of difficulty in running the product.
For any organization which uses a System Development Life Cycle (SDLC) this product should be a welcome addition.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.