Michael Fitzgerald published a nice article on Veracode in NYT today. He gets to the heart of the matter about why the Veracode approach matters.
Veracode isn’t the first company to try to automate elements of hacking. Companies like Fortify, Coverity and Watchfire offer automated tools to help companies test aspects of their software, as does Microsoft. But Veracode is the first to offer a service that tests binary code, produced after a program’s source code has been put through a compiler and converted into the 0’s and 1’s needed to make it work.
Source: To Find the Danger, This Software Poses as the Bad Guys – New York Times