Codenomicon, the leading vendor of proactive security testing solutions, today announces the release of Fuzz-o-Matic cloud-based software security Testing-as-a-Service (TaaS) platform for enterprise software and applications running on Windows, Linux, Mac, and mobile operating systems. The new cloud-based service provides benefits of Codenomicon's 15 years of experience in zero-day vulnerability discovery to users who do not have security testing staff or have limited budget for security auditing.
Fuzz-o-Matic provides users actual, repeatable test cases for software bugs that cause product crashes and security breaches. Codenomicon's security testing platform finds previously-unknown vulnerabilities before hackers do, without false positives or false alarms. For users who already tested software with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), vulnerability scanning, or hybrid analysis, Fuzz-o-Matic is the next progression in testing to find the bugs the other testing solutions missed. For users who have not tested software at all yet, but the user's code is executable, Fuzz-o-Matic provides users longer lead-times to remedy bugs before software release.
"With Fuzz-o-Matic, Codenomicon is making available advanced methods of software security testing to a wide range of users who never before had access. Based on Codenomicon's experience in identifying software security risk and Fuzz-o-Matic's user-friendly interface, Codenomicon is first-to-market in a new area with broad implications for third-party testing, security testing staff augmentation, and serving organizations with limited software testing budgets," says Olga Yashkova, Program Manager for Frost & Sullivan's North America Communications Test & Measurement Practice.
According to Ira Winkler, security expert and Codenomicon's Chief Security Strategist,"It is irresponsible to seriously consider investing in or acquiring a software product without testing for software reliability and security. While people think of software fuzzing as a security measure, fuzzing is really testing for all types of software bugs, of which security vulnerabilities are just one type of bug. Fuzzing is perhaps the most effective measure of identifying any software reliability issues. To that end, investors and M&A professionals need to ensure they use a reliable fuzzing tool that is proven, robust and versatile. Only a testing-as-a-service platform with this level of support can produce repeatable and robust results that can produce a reasonable level of diligence, beyond the straight financials."
Fuzz-o-Matic is a convenient and cost-effective approach to application fuzzing for those who do not have in-house security testers or have a limited budget for penetration testing. Application fuzzing uses unexpected inputs to stress-test software far beyond normal operating conditions. Most software testing simulates normal operating conditions to determine if software does what it is designed to do. Black-hat hackers use application fuzzing to find exploitable security bugs in unused or rarely-used software functionality. Microsoft Software Development Lifecycle (SDLC), Cisco SDLC, and Building Security in Maturity Model (BSIMM) recognize the key role of fuzzing in the creation of secure and rugged software. Fuzz-o-Matic uses a range of fuzzers to provide the most comprehensive cloud-based stress-testing and vulnerability detection platform on the Market today.
Fuzz-o-Matic Overview and Use Cases are available at codenomicon.com/fuzzomatic.
For more information, contact:
Ari Takanen, CTO, Codenomicon
T: +358-40-5067678 (EMEA and APAC)
About Codenomicon Ltd
Spun-out of Finland's Oulu University in 2001 to provide software security testing solutions to developers and security analysts, Codenomicon's customers include Alcatel-Lucent, AT&T, Cisco Systems, Microsoft, Motorola, Google, Verizon, NSN, Huawei, and T-Systems among many others. Companies rely on Codenomicon's solutions to mitigate threats like Denial of Service (DoS) situations and Zero-Day Attacks, which could increase liability, damage business reputation, and cripple sales. Codenomicon (codenomicon.com) is a member of the SDL Pro Network.