Unknown vulnerabilities are one of the biggest threats to IT security, because they leave systems open to cyber-attack. By revealing critical vulnerabilities and fixing them before anyone has a chance to exploit them, Codenomicon’s solutions are a very valuable tool for countering threats like these.
Codenomicon’s unknown vulnerability management solutions give users a comprehensive understanding of the hidden weaknesses of their IT systems and networks – together with the tools they need for neutralising the danger that these weaknesses represent.
A number of major governments and leading software companies, operators, service providers, and manufacturers worldwide have adopted Codenomicon’s solutions to secure and protect their networks, products, and services. Companies such as Verizon, NTT, AT&T, Cisco Systems, Alcatel-Lucent, Sony, Microsoft, and Deutsche Telekom all rely on Codenomicon Defensics today to test the robustness of the most mission-critical aspects of their operations.
Defend and deploy
Defensics is Codenomicon’s main product and is based on an advanced form of fizz testing, which feeds a program, device, or system with malformed and unexpected input data to locate defects. Defensics is the leading solution of its type and provides fully automated security testing suites for over 200 different communication protocols, file formats, and XML applications.
Defensics uses model-based systematic fuzzing to provide industry-leading testing coverage and unparalleled efficiency in finding unknown vulnerabilities, with tests that penetrate all the way down into the state machine and output generation routines. Thanks to its high speed, Defensics can generate and run thousands of test cases a second, while providing accurate reports that are easy to interpret and act upon.
Codenomicon’s Fuzz-o-Matic builds on this approach and takes automated fuzzing to the cloud. Accessible anywhere, Fuzz-o-Matic can handle several builds at a time, making it easy to test a system build by build and access and share test results with developers.
Catching internet abuse before it hurts
Codenomicon’s AbuseSA has been designed to provide a comprehensive overview of Internet abuse – and is used by governments, ISPs, and other critical network operators to help them locate and shut down malicious operations.
By collecting, processing, reporting, and visualising abuse information completely automatically, AbuseSA enables users to stay up-to-date on the latest threats without the need for expensive sensor-based systems. The interactive visualisations AbuseSA creates from real-time network traffic and abuse information give users a snapshot view of the status of their network and critical resources and enable actionable incident information to be shared with those who need it.
By automating their abuse handling with AbuseSA, many CERT organisations have been able to exponentially increase the number of cases they can handle. Numerous ISPs and IT organisations have also been able to detect abuse such as outbound spam.
|Codenomicon’s proactive software security solutions are designed to reveal critical vulnerabilities and fix them before they can be exploited.