Uleska News

Uleska partners with Veracode to help businesses in UK and worldwide scale application security and automate security testing.

LONDON, UK – Oct. 04, 2019Uleska, a web-based platform which examines a software application to be built, along with security regulations, and proactively generates necessary software security checks and reports, today announced it has signed an agreement to partner with Veracode, a global software security leader.

Uleska is now an Authorized Reseller of the Veracode platform, allowing Uleska to help its customers combat modern security threats by managing and automating a range of security testing tools, including Veracode’s innovative application security solutions.  

Veracode’s SaaS platform, which includes static analysis, dynamic analysis, software composition analysis (SCA), and manual penetration testing, assists developers with finding and fixing security-related defects throughout the software development lifecycle. The platform offers a holistic, scalable approach to AppSec in one centralized view. It allows businesses to identify and resolve critical vulnerabilities while ensuring regulatory compliance without sacrificing speed or innovation.

The partnership is based on shared vision of secure software development. Veracode and Uleska help companies make security a seamless part of the development process. This allows them to both find and fix security defects so that they can use software to achieve their missions, which aligns with Uleska’s core values as a software security organisation.

Why Uleska and Veracode?

Software has transformed the way we conduct a range of incredibly important tasks and fuels the operations of businesses in every sector. Yet most software contains flaws. According to Veracode’s State of Software Security (SoSS) report, more than 85 per cent of all applications have at least one vulnerability in them; more than 13 per cent have at least one critical severity flaw.

The new role of software and today’s development paradigms is now key to effective information security.

Uleska, ultimately, understands that without innovative software security measures and clear communication amongst executives, software vulnerabilities could exposed sensitive data or lead to a costly data breach.

Uleska’s groundbreaking Cyber Value-at-Risk Reporting, driven by the risk and compliance needs of the organisation, is complemented by technical security testing that can be automatically achieved.

As a Veracode partner, Uleska can provide an accurate view of software security vulnerabilities and recommendations for fixing them, allowing companies to create secure software. Uleska is incredibly excited about this opportunity and views the partnership as an avenue to continued success in the rapidly growing global application security market.

About Veracode

With its combination of automation, process, and speed, Veracode becomes a seamless part of the software lifecycle, eliminating the friction that arises when security is detached from the development and deployment process. As a result, enterprises are able to fully realize the advantages of DevOps environments while ensuring secure code is synonymous with high-quality code. 

Veracode serves more than 2,100 customers worldwide across a wide range of industries. The Veracode Platform has assessed more than 10 trillion lines of code and helped companies fix more than 36 million security flaws.

Learn more at www.veracode.com, on the Veracode blog and on Twitter.

Uleska has received support from Invest Northern Ireland under the European Union’s Investment for Growth and Jobs Programme. The project will be implemented over the next year, performing research and development activities aimed at developing new products aligned with market demand and grow the customer base outside Northern Ireland.

Northern Ireland’s excellent business credentials are supported by strong and resilient infrastructure. This excellence has helped catapult Uleska to cyber security innovation.

Northern Ireland is, currently, the number one international investment location for cyber security development projects. It is now home to an impressive cluster of international companies, world renowned university research and innovative start-ups delivering global cyber security solutions, including the Uleska platform.

Companies in Northern Ireland have built upon expertise in advanced persistent threats to cyber security, critical infrastructure networks, capital markets and software applications, which has led to much excitment and involment in investment for Uleska as an organisation.

Uleska’s success can be attributed to a blend of world class talent, expertise, security-research excellence and being highly competitive within the market including a unique cyber security solution.

Northern Ireland’s cyber security and tech community is thriving and has a highly developed community of businesses which has continually attracted further investment, along with a vibrant networking scene. Uleska is delighted to be apart of this and looks forward to the continued growth and investment.

Uleska recently exhibited at CyberUK 2019 in Glasgow’s Scottish Event Campus. The event highlighted the progress that needs to be taken within cyber security and showcased innovative solutions currently on the market. Here are Uleska’s top five takeaways from the event.

CyberUK is the UK government’s flagship cyber security event. Hosted by the National Cyber Security Centre (NCSC), it features world-class speakers, solutions and opportunities for interaction between the public and private sectors.

The conference showcased evolving cyber threats that face the UK and how we must respond as individuals and organisations to keep cyber security one step ahead of malicious hackers.

Here are our top five security trends.

1) Many companies are in need of faster and more frequent software security checks and assurance.

In today’s software-driven climate, major companies are releasing software updates thousands of times a day. Amazon, for example, was doing a production deployment every 11.6 seconds in 2013.

Current testing to determine the weaknesses within an application can take months, and with software releases being pushed so frequently the traditional processes simply cannot guarantee software security.

This lack of speed and frequency can lead to release and security management practices being ignored. Akin to building skyscrapers from the same materials we used to build huts, if this continues we can expect software to continue to randomly, and catastrophically, fail.

The need for faster and more frequent security testing has also been pointed at the skills gap within cyber.

Gillian Arnott, International Communications and Marketing Manager, and Nick Chaffey, Chief Executive UK and Europe for Northrop Grumann asked the question of how we are going to meet the government target of filling 1.2m new technical roles.

Through engaging, educating and enthusing a new generation of cyber security practitioners, they are confident that they can capture new ability to push for innovative ways to test faster and more frequently.

2) Automation and orchestration of software security is moving from industry advisories, such as Gartner and Forrester, into everyday practice by industry.

Both Gartner and Forrester input’s into the importance of automation and orchestration within security testing has gone from advice to everyday practice.

Last year, for example, Gartner advised that by 2020 15 per cent of organisations with five or more IT security professionals will be using automation and orchestration tools to security test.

This advice has already started to work its way into best practices and many are taking the ASTO approach to security testing.

Speaking at CyberUK Cyber Security Partner at PwC, Colin Slater, backed up their everyday practices coming to fruition. He spoke about automation and orchestration services letting organisations hunt the threats they need to focus on, not just the alerts.

3) Consulting organisations servicing the public sector are being asked to innovate around their services, due to pressures on time, scope, and pricing.

The public sector faces a multitude of pressures, not least the financial challenge of shrinking budgets and increased expectations of service users.

Due to the speed of software development, the increasing scope of vulnerabilities and the expense of traditional security testing, public sector serving security companies are having to change the way they approach security testing and operations.

4) Regulatory concerns, in terms of breach fines, continue to be the largest driving factor in the procurement of cyber security services.  However, with more and more public sector initiatives involving software, the scale of this challenge is growing fast.

If a data breach doesn’t kill your business, the fine might.

Breaches and the associated fines have a massive negative impact on a company’s customer base, particularly if the breach involved sensitive data.

This fine driven fear has prompted numerous organisations to obtain cyber security resources, however, these organisations are starting to see the scale of security that is now needed due to the vast initiatives involving software.

5) The NCSC advisories on Cloud First and the 14 principles of Cloud Security are proving to be strong advisories, allowing public sector departments to involve these advisories in their procurement and evaluation discussions.

Everyone wants to know that their information is safe and secure and businesses have legal obligations to keep client data secure.

Two of the NCSC’s most senior researchers into cloud usage outlined some of the biggest threats that come with using the cloud. Their talked outlined some of the 14 principles in greater detail and presented the latest thoughts on laaS vs. “serverless” technologies.

NCSC’s 14 principles include the likes of a Governance framework, identity and authentication and secure development.

This advisory list details the context for the 14 Cloud Security Principles, including their goals and technical implementation, which means that any level of personnel in an organisation can understand the framework that needs to be in place for safer cloud security.

Uleska has accepted a place on the London Office for Rapid Cybersecurity Advancement (LORCA) programme for 2019, an incredible opportunity in the life of the Belfast based cyber security company.

The team at Uleska is proud to announce the company’s involvement and acceptance within the LORCA workspace.

This opportunity will allow Uleska to bring cyber solutions to market at greater pace and scale, and to collaborate with some of the largest software and IT  companies within the UK.

The involvement will allow Uleska to work with enterprises to ensure its solutions meet the industry’s biggest challenges.  It will also allow Uleska to build its international cybersecurity profile by engaging with worldwide enterprises and participating in targeted trade missions to the US.

LORCA is a joint collaboration between Plexal, CSIT and Deloitte, funded by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Strategy.

LORCA is convening organisations small and large; investors, academics, sister programmes and the international community, to maximise the commercial potential of great cyber solutions, minimise the barriers to scale and increase speed to market.

By 2021, LORCA will have stimulated the growth of the UK’s high-potential cyber security companies, encourage the growth of up to 2,000 jobs, and secure £40m in investment.

Gary Robinson, Founder and CEO, Uleska said, “This is a fantastic opportunity for the Uleska team to expand our product intelligence through working and networking with expert cyber security practitioners and listening to the challenges of enterprises.”  

He continued, “LORCA’s goals and ambitions of Secure by Design, Securing the Basics, and Beyond, were developed in collaboration with industry and fit perfectly with Uleska’s offering that allows organisations to handle more security assurance with less personnel, measure and prioritise their software security every day, and communicate their security strategy easily.  

“As such, LORCA’s attitude towards cyber security fits perfectly into those of Uleska and we are extremely excited by the collaboration.”

If you wish to speak to the Uleska team about our recent acceptance on to the LORCA programme, please contact info@uleska.com.

For further information regarding LORCA, please visit www.lorca.co.uk.

Uleska has been invited to speak, as well as exhibit, at Infosecurity Europe 2019 at the Olympia, London, between 4th – 6th June.

Uleska is proud to announce that we will be speaking and exhibiting at Infosecurity Europe 2019. The event, held at the Olympia in London, will take place over three days and see some of the most cutting edge cyber security companies exhibit, attend, speak and network.

Uleska CEO and founder Gary Robinson will be speaking at the event, covering both Application Security Automation & Orchestration and Automated Cyber Value At Risk.

This talk comes as enterprises are faced with massive opportunities, and risk, due to the tide of software transformations they are undergoing.  Traditional security testing is running much slower than their software changes, with a lack of clarity in security coverage. The benefits of these talks include an understanding of how Uleska’s automation is reducing the need for personnel and providing much-needed consistency for software assurance.

You will also be able to see how automation and orchestration can be achieved for application security and understand the benefits of experiencing software assurance in a truly integrated and DevOps environment.

Uleska is excited about the opportunity to inspire people about our platform and services during three days of networking and collaboration and hopes that the event will be a success for the cyber security industry as a whole.

Infosecurity Europe has been dubbed the sourcing and knowledge hub for Europe’s information and cyber security community.

With over 400 cutting-edge suppliers, a far-reaching conference programme and a host of networking opportunities, the event will bring the information and cyber security to life. This is an event within the cyber security industry that you cannot afford to miss.

The plethora of interesting and educational talks, coupled with the ability to talk to industry thought leaders offer a variety of security-related problems is reason enough to make sure you are in attendance.

The group covering the event has over 23 years of global experience in informing, inspiring and enabling business connections in the information and cyber security industries.

Whether you are attending or exhibiting, the Uleska team would appreciate your time at stand Q115 to discuss how our cyber security solutions can efficiently and effectively help you protect your software, reduce the reliance on personnel and allow you to better understand your security scope.

If you would like to contact Uleska before Infosecurity Europe then please email info@uleska.com, or contact Uleska through the event portal.