Photo: Isaac Sundarajan, CEO of Codenomicon.
Codenomicon Ltd. is releasing its Defensics platform, which it says provides proactive, pre-deployment security and robustness for IP-based, wireless and digital media systems. This will help organizations defend against the increasingly sophisticated attacks levied against the corporate infrastructure.
With the new platform, the company has refocused its efforts, it says, to deliver test proactive tools and technologies that address the pre-deployment security market and ensure that enterprises are safeguarded from public security threats from the very outset.
"Clearly, the number and the intensity of public security threats to complex enterprise networks are increasing exponentially," said Isaac Sundarajan, chief executive officer at Codenomicon. "Today, even a network populated with every type of post-deployment security technology, from firewalls to traffic inspection tools, is not safe. Only proactive, pre-deployment defenses can ensure that these vulnerabilities are identified and neutralized.
Codenomicon's mission is to help developers, service providers and enterprises to defend their software, devices and data from security exposures and system failure."
By the end of 2007, 75 percent of enterprises will be infected with undetected, financially motivated, targeted malware that evaded their traditional perimeter and host defenses, according to a December 2006 report from market research firm Gartner Dataquest in Stamford, Conn. Currently, financially motivated, targeted attacks are on the rise and automated malware-generation kits allow attackers to create thousands of variants quickly -- but current security processes and technologies are not up to the task of protecting users, the report concluded.
A single security breach can represent substantial financial losses. For example, a single hour of downtime, particularly for organizations in the communications and financial industries, can potentially cost millions of dollars, according to Gartner Dataquest.
Codenomicon has developed its technology over 10 years and has proven to be the most effective and efficient methodology for identifying vulnerabilities and avoiding security breaches, it claims. The technology allows network product companies to delve into the deepest architecture levels during the earliest stages of the development cycle in order to identify the largest number of problems possible. This dynamic approach allows corporate enterprises to mitigate or avoid the very real costs associated with increased development demands, software upgrades, product recalls, brand damage, service interruptions and legal exposure due to security breaches.
Using the Defensics platform, technology makers can shift the testing process from a traditional "bug fix" model to identify and address security holes early in the development and release process. The platform provides the framework to allow software developers to systematically defend networks, applications, devices and data from security vulnerabilities, service interruption, and system failure.
This platform, which provides the most effective black-box solution available today, allows developers, service providers and enterprises to defend their software, devices and data from security exposures and system failure through intelligent targeting of robustness flaws. The software-only solution gives test teams broader code and RFC coverage, helping find more vulnerabilities and critical flaws than other negative, fuzzing-based solutions. When running on a standard laptop, the platform allows users to test any system in any location.
The Codenomicon Defensics platform creates systematic and repeatable tests that developer can readily integrate into their existing testing environment. The platform is the only security and robustness solution that covers the testing of three critical attack vectors: network, wireless and digital media. Defensics covers over 120 interfaces and formats to allow system testing from the link-level communication all the way up to application protocol level. Pre-built and highly targeted test cases allow users to start testing as soon as the test tool has been connected to target system.
The Codenomicon Protocol Modeling Engine and the Codenomicon Attack Simulation Engine in Defensics ensure that users identify known and zero-day vulnerabilities. The solution offers multiple command interfaces, including an easy to use GUI and command line script accesses.
Codenomicon was recently ranked as the sixth fastest growing company on Deloitte's Rising Stars list of high-tech companies in Finland. The list is a part of the Fast 500 EMEA program, which recognizes 500 technology companies that have achieved the fastest rates of annual revenue growth in Europe, the Middle East and Africa. Codenomicon test tools automate the process of testing information systems and software components for their tolerance against unexpected inputs such as network-based attacks.
Codenomicon test tools are used to improve the quality of software and to support customer-driven product evaluation, certification and acceptance testing of communication software. Codenomicon solutions include tools for testing the security and robustness of core Internet software, VoIP, 3G, Bluetooth, WiFi, email and digital media.
