beSTORM Certification Process

You can now reliably certify almost any network hardware or software for compliance to the industry standard RFCs, common implementation practices and interoperability with other products and environments, all while checking it for known and unknown security holes.

The certification is done by beSTORM's patented fuzzing engine which can test your product for known vulnerabilities and their variants as well as unknown vulnerabilities that are specific to your platform, product or even setup.

Running a full beSTORM session will launch several millions of different attack scenarios against your product and enable you to certify that it's ready for the real world and safe from any security weaknesses such as buffer overflows and format string vulnerabilities.

Many of beSTORM's standard protocol modules include both the RFC specifications and proprietary implementations. One example is the FTP protocol module.

How can I certify my product?

Download beSTORM, configure your product to work in a production-like configuration and launch beSTORM against it.

As soon as beSTORM completes its run you will receive a report indicating whether your product has passed the required certification requirements or whether it has failed any of them.

Can beSTORM test proprietary protocols?

beSTORM has a unique feature that allows it to auto-learn any network protocol by analyzing sample data and determining the protocol description.

File Transfer Protocol (FTP)

beSTORM is able to test both the server side and client side of the FTP protocol, with strong emphasis on support for the following RFCs: RFC 959, RFC 949, RFC 1639, RFC 2228, RFC 2389, RFC 2428 and RFC 2640. These RFCs include the specification from the most basic FTP commands USER and PASS, up to the more complex PBSZ and AUTH directives.

beSTORM can verify that an FTP server or an FTP client would not fail to work in production or even hostile environments without falling to an attacker exploiting a buffer overflow or a format string vulnerability to gain unauthorized access or crash the device remotely.

Whitepaper - FAQ - Contact us for a price quote - Request Trial - .ANI file fuzzing module - Version Comparison

beSTORM

Secure programming from the start

Next generation security testing

Audit more applications with greater efficiency

Automated
Vulnerability
Detection
System

Daily automated security assessment

Solutions to vulnerabilities found

Manage vulnerabilities across the enterprise

Web Site Security Audit

Scan your web site for security holes

Fastest Scan Turnaround

Get Help From Security Specialists

www.SecuriTeam.com

Among our Clients

Contact Us

US: 1.800.801.2821

UK: +44.203.006.3022

News Headline

	ion-ip to offer Beyond Security's VA solutions in the Netherlands

	beSTORM the first security testing tool to introduce RMI fuzzing

	Beyond Security Finalist for the Red Herring 100 Global Awards 2007

	Beyond Security CTO's keynote in Malware 2007

Security News

	Cisco Unified Communications Manager IP Phone Personal Address Book Vulnerability.

	Garmin Communicator Plug-In Domain Locking Security Bypass.

	Ghostscript jbig2dec JBIG2 Processing Buffer Overflow.

	IBM BladeCenter Advanced Management Module Multiple vulnerabilities.