1 min read

Spirent Extends Security and Performance Testing Leadership with CyberFlood

Industry’s First Server-Response Fuzzing Raises Security Standards for Testing Against Malicious Attack Vectors

Spirent Communications.Spirent Communications, an industry leader in test and measurement, today extended its lead in security and performance testing by introducing the industry’s first server-response fuzzing capability within CyberFlood, its premier security test solution. A breakthrough in security and performance testing, CyberFlood’s server-response fuzzing functionality tests the ability of security devices—firewalls, intrusion prevention systems (IPS), secure web gateways and others—to handle malformed traffic sent from a server on the Internet to a client device using a single test solution. This is achieved without the time, effort and cost of building a complex test environment, allowing the user to get up and running more quickly with better results than ever before.

“We launched CyberFlood last year with SmartMutation™, the first-of-its-kind, true intelligence-driven fuzzing strategy. This set a new benchmark for security testing, allowing testing to go deeper, wider and across more code paths than any other solution in the industry,” said David DeSanto, director, products and threat research at Spirent Communications. “Other fuzzing solutions today only offer users the ability to fuzz the client definition of the network protocol when testing a device.

“Leveraging CyberFlood’s unique technology, users can now fuzz the server definition of the network protocol, confirming that a device can handle malformed responses from a server on the Internet targeting a client device, one of the most common and malicious attack vectors leveraged by hackers today. This gives enterprises, service providers and equipment manufacturers a fast and easy way to test security devices with no test environment to set up, and with no false positives during testing”.

The latest CyberFlood update includes several new features while enhancing CyberFlood’s ease of use:

New Attacks-Only and Client-Only DDoS attack modes add greater flexibility to DDoS attack emulation and enable customers to quickly go from the login screen of CyberFlood to a large-scale DDoS attack emulation in a few clicks.

New Network Resiliency tests cover the full range of RFC 2544 verification, including measuring maximum throughput, latency, jitter and burstability.

Tests can be organized in groups focused around a specific goal, such as an upcoming software release or enterprise product evaluation, enhancing collaboration within teams.

Additional fuzzing protocols allow CyberFlood to test devices across the entire Layers 2 through 7 stack and across multiple industry verticals, including industrial control, healthcare, finance, IoT and automotive.

CyberFlood continues to set the industry standard for malware testing with the only near-zero-day malware offering available in the industry, allowing enterprises to find the holes in their threat landscape, service providers to validate their SLAs and equipment manufacturers to confirm and extend their signature as well as heuristic detection functionality.