§Services offering

4Binary Analysis

Pros

–Scan third party binaries and your own code

–Provide blackbox scanning

–Veracode security experts review the results and provides sanitized report to clients

–They do all the work

Cons

–Difficult to do, requires people in the backend at Veracode to go through the results

–Not integrated into the SDLC

–It’s a service, so you continually rely on your vendor to do scans

–Not a scalable solution for a large enterprise with large portfolios