Wednesday, November 4, 2009

Codenomicon Releases Fuzzing Tool for Security Testing

Codenomicon released a general purpose fuzzing tool for testing communication interfaces. The new DEFENSICS Traffic Capture Fuzzer loads threat vectors from sources like network analyzers and vulnerability feeds, and automatically generates extensive tests to find zero-day threats in protocol implementations.

"In a matter of minutes from getting my hands on our Traffic Capture Fuzzer, I was already testing a wide range of proprietary protocols, which had always worried me, but for which Model-Based Fuzzers would have been impossible to create," says Ari Takanen, CTO of Codenomicon and co-author of Fuzzing, a security testing book for both security experts and network engineers. "I can definitely see all of our customers benefiting from this solution," he continues.

Codenomicon said its Traffic Capture Fuzzer reads files in PCAP format, which is supported by all network analyzers and which is generally accepted as a standard for storing network flows. The Traffic Capture Fuzzer is software-based solution, and can be used at every stage of the software development lifecycle.