Sunday, November 4, 2007

Mu Security Enhances its Security Analyzer

Mu Security announced a major new release of its flagship Mu-4000 Security Analyzer appliance, which is designed to test the robustness and reliability of networked products and IP business services. Mu Security's third-generation solution adds sharable analysis templates, interactive graphical response time charting and dynamic stateful protocol fuzzing as the basis for robustness analysis.

The Sharable Analysis Templates help to establish strategic best practices for system testing across organizations. Organizations often find it very difficult to add security metrics or repeatable processes across groups. Typically, only a small, specialized incident response group within a company has security expertise, whereas the larger product certification/testing group often lacks sufficient security knowledge to test for product robustness. Mu Security's Mu-4000 platform now supports customizable analysis templates that easily transfer between Mu-4000 appliances to help disseminate scarce security knowledge within organizations.

Latency-sensitive applications unable to process valid data in specific timeframes may not meet response-time goals or service level agreements. Mu Security said legacy fuzzing tools have never before attempted to measure a target system's ability to process valid traffic while being probed by invalid traffic.

With Response Time Charts, the updated Mu-4000 interactively exposes quality and availability issues to accelerate remediation. Customers can actively gauge a system's ability to maintain control and specific performance levels while processing unexpected inputs. In addition to hard failures (e.g., system crashes), users can now isolate hard-to-detect "soft faults" including memory leaks, CPU utilization spikes and rising latency levels to help service providers maintain SLAs by avoiding costly downtime.

Mu Security also noted that its dynamic stateful fuzzing engine can deliver structurally and semantically invalid attacks in all the relevant states of stateful protocols. These attacks include valid packets sent at the wrong time, or packets that are never valid, but are designed to cause damage to the code that implements the protocol's state machine(s). This latest Mu-4000 provides deeper and broader attack surface coverage, and enables customers to significantly reduce service-impacting vulnerabilities.

  • In October, Mu Security appointed Dave Kresse as its new CEO and Kris Nagel as vice president of worldwide sales. Kresse was previously vice president and general manager of the storage management and application integration business unit at NetApp. Nagel joins Mu from SS8 Networks and is responsible for developing and directing worldwide sales strategies and managing operations for direct and inside sales. Mu Security Co-founder and former CEO Ajit Sancheti becomes the company's vice president of business development.