Defensics - Proactively Discover and Remediate Unknown Vulnerabilities

Organizations increasingly depend on information technology to process vital data and for operations. It is estimated that as of today, there are 13 billion devices connected today. By 2020, this number is expected to grow to 25 billion. This enormous growth presents cyber attackers an opportunity to breach security and compromise organizations' data. An organization needs to be proactive in detecting unknown vulnerabilities in business-critical software and devices. Since it is better to detect and prevent anomalies earlier than later, there is a need for software that discovers and remedies unknown vulnerabilities early in the development lifecycle and supply chain.

Defensics from Synopsys is a powerful testing platform that enables developers and asset owners to proactively discover and remediate unknown vulnerabilities in software and devices. It uses fuzzing to identify and mitigate potential security threats.

A fuzzer is a piece of software that tests a piece of target software and fuzzing is the process of sending intentionally malformed inputs to a piece of software to see how it reacts. If it fails, it indicates a bug, which can then be fixed to improve the robustness and security of the target software. Fuzz testing exposes software defects and vulnerabilities more effectively than any other solution in the market.

Defensics is a fuzz testing tool that dynamically triggers and detects unknown vulnerabilities in a test environment and can be used proactively to preempt security attacks.

Key Features of Defensics

Fully-automated testing platform with pre-built test suites relieve the responsibility and burden of manual test creation.
Utilizes various techniques to generate effective test cases, including “template,” “generational,” and “evolutionary” test engines.
Supports advanced techniques for detecting failures and anomalous behavior, including valid case or functional response, resource monitoring, dynamic binary analysis, and source code instrumentation.
Advanced test suites available for 290+ network protocols, file formats, and other interfaces. Test suites are continuously added, improved, and supported by a dedicated team of test developers.
Thorough documentation and reporting features allow Defensics to identify the root cause of critical failures in such a way that they are repeatable, easy to understand, and can be shared with the stakeholders involved in the remediation process.

Supported Protocols
(Not All Protocols Listed)

(MEF-16)
BACNET
BFD
BFD
BGP4+
BICC/M3UA
Blueooth LE
Bluetooth
CAN Bus
CFM
CIFS/SMB
CIP
CMP v2
COAP
CWMP (TR-69)
DHCP/BootP
DHCPv6
Diameter
DICOM
DNP3
DNS
DTLS
DVMRPv1
DVMRPv3
E-LMI
EAPoL/802.1x
ESTP
Ethernet
FCoE + FIP
FIX
FTP
GARP 802.1D
GRE
GTPv0
GTPv1
GTPv2-control
H.248

H.264
H.264 RTP
H.323
HTTP
IEC 60870-5-104
IEC 61850/Goose/
SV
IEC 61850/MMS
IEE1588 PTP
IKEv2
IMAP4
IPMI
IPSec
IPv4
IPv6
IS-IS
ISAKMP/IKEv1
ISASecure Solution
iSCSI
JSON format
Kerberos
L2TPv2/v3
LACP (802.3ad)
LDAPv3
LDP
LLDP (802.1AB)
MAP
MIME
ModBus
MP4
MPLS
MQTT
MSDP
MSRP
NetBIOS
NFS v2/v3
NFS v4.0 / v4.1

NHRP
NTP
OAM (802.3ah)
OCSP
openFlow
OSPFv2
OSPFv3
PBB-TE
PBT (802.1ah)
PCP
PIM-SM/DM
PMIPv6
POP3
PPPoE
Profinet DCP (PLC)
Profinet PTCP (PLC)
RADIUS
RIP
RIPng
RSVP
RTP/RTCP/SRTP
RTSP
S1AP
SCEP
SCTP
SIP
SIP-I
SMBv2
SMBv3
SMPP SMS
SMS PDU/File
SMS SMPP
SMTP
SNMP Trap
SNMPv2c
SNMPv3
SOCKS

SSH1
SSH2
STP
STUN
SunRPC
SyncEthernet
Syslog
Telnet
TFTP
TLS 1.2
TLS/SSL 1.0/1.1
SSL3
Traffic Capture
Fuzzer
Trill
TURN
Universal ASN.1
BER
Universal Fuzzer
UPnP
vCalendar format
vCard format
VRRP
Web Application
Web Socket
Wi-Fi AP
Wi-Fi AP WPA
Wi-Fi Client
Wi-Fi Client WPA
WMV
WPA Enterprise
X.509v3
XML File
XML SOAP
XMPP

Products

Defensics - Proactively Discover and Remediate Unknown Vulnerabilities