LogLogic Selects Veracode to Automate Application Security Testing of Industry-Leading Log Management and Intelligence Solution

BURLINGTON, Mass – March 31, 2008 – Veracode Inc., the leading provider of on-demand application security testing solutions, today announced that LogLogic, the log management leader, is using Veracode SecurityReview® as an on-demand service to automate the security testing of its log management appliances. LogLogic provides Log Management and Intelligence (LMI) to CIOs and IT managers within enterprises and government organizations.

LogLogic appliances enable log data from firewalls, routers, servers, applications (commercial and homegrown), operating systems and devices to be automatically collected, stored, reported and alerted on in near real-time for user activity monitoring, industry compliance and risk mitigation. Flexible reporting capabilities and log intelligence allow for mountains of log data to be collected, analyzed and stored for greater flexibility and simplicity while reducing the cost of monitoring an organization's IT infrastructure.

"As the log management leader, we must guarantee rigorous security testing of our best-in-class log management solutions," said Patricia Sueltz, president and CEO of LogLogic. "Our customers can't miss a beat. SecurityReview's service-based testing approach allows us to verify the security and strength of our products right away so we can get to market faster and help customers confidently track and monitor their logs."

LogLogic is able to capture 100% of log data from virtually any source, making it an ideal solution for regulatory compliance, network security, monitoring user activity and evaluating business performance. Log data collectors are installed on mission critical systems (e.g. ERP and HR systems) and therefore cannot afford to miss significant logs or unusual activity within an organization's IT perimeter. Leveraging Veracode SecurityReview gives LogLogic three key components not found in any one application security testing solution: an independent rating to validate the security of their products; the ability to check third-party applications and components that are part of LogLogic's solutions; and scanning for vulnerabilities such as backdoors using an on-demand service-based approach.

"Veracode SecurityReview allowed LogLogic to scale quickly by providing an independent assessment of vulnerabilities during critical milestones of the development lifecycle," said Matt Moynahan, Veracode's CEO. "As a user-friendly and affordable service, SecurityReview provides security verification early on in an application's lifecycle, enabling organizations of all sizes to avoid costly problems arising during deployment."