Codenomicon Releases the First Software Based General Purpose Security Testing Solution

OULU, Finland & CUPERTINO, Calif. - (BUSINESS WIRE) - Codenomicon Ltd, a leading vendor of proactive software security testing solutions, released a general purpose fuzzing tool today for testing all communication interfaces. The new DEFENSICS Traffic Capture Fuzzer loads threat vectors from sources like network analyzers and vulnerability feeds, and automatically generates extensive tests to find zero-day threats in protocol implementations.

"In a matter of minutes from getting my hands on our Traffic Capture Fuzzer, I was already testing a wide range of proprietary protocols, which had always worried me, but for which Model-Based Fuzzers would have been impossible to create," says Ari Takanen, CTO of Codenomicon and co-author of Fuzzing, a security testing book for both security experts and network engineers. "I can definitely see all of our customers benefiting from this solution," he continues.

The Traffic Capture Fuzzer reads files in PCAP format, which is supported by all network analyzers and which is generally accepted as a standard for storing network flows. The Traffic Capture Fuzzer is software-based solution, and therefore, it is easy to use at every stage of the software development lifecycle. Programmers can start testing their protocol stacks immediately after the protocol interface is up and running. Penetration testers can go to any test setup, and have their fuzz tests running minutes after the initial analysis of the system.

"Again, Codenomicon shows its leadership in automated security testing with the introduction of a software based general purpose fuzzer," says Srihari Padmanabhan, research analyst at Frost & Sullivan. "Traffic Capture Fuzzer is the perfect low-cost solution for getting started with automated zero-day vulnerability discovery."

Fuzzing is a versatile and comprehensive security testing technique making it a most suitable tool for testing the reliability of novel communication devices or business critical systems and applications. The most effective fuzzing techniques are based on protocol models, but traffic capture based solutions complement these approaches. Traffic Capture Fuzzing is essentially black-box testing, i.e., no access to the source code is needed in order for the tests to find new vulnerabilities. In contrast to security scanners and vulnerability scanners, fuzzing can find and eliminate zero-day exposures in any communication software, network equipment or complex network service.

About Codenomicon Ltd

Codenomicon develops security and quality testing software, which allows users to quickly find and identify both known and previously unknown flaws before business-critical products or services are deployed. Their unique, targeted approach to the fuzz testing of networked and mobile applications exposes more flaws and weaknesses than any other testing platform or methodology. Companies rely on Codenomicon's solutions to mitigate threats, like Denial of Service (DoS) situations and Zero Day Attacks, which could increase liability, damage business reputation and cripple sales. For more information, visit www.codenomicon.com.

About DEFENSICS Traffic Capture Fuzzer

The Codenomicon DEFENSICS product line is the market leader in proactive fuzzing technologies. The DEFENSICS Traffic Capture Fuzzer complements our existing product range by providing new testing solutions and by increasing the testing capabilities of our Model-Based tests. It is also a valuable tool in testing highly complex systems with several interfaces: real network captures provide powerful insight into the system, which can be used to target and refine the tests, and save valuable resources. For more information, visit www.codenomicon.com/defensics/traffic-capture-fuzzer/.

Codenomicon Ltd
Mary Ann Neves, 408-252-4000
info@codenomicon.com