beSTORM the first security testing tool to introduce RMI fuzzingMcLean, VA, June 30, 2008
Beyond Security, the leading provider of security testing and assessment tools, today announced the latest version of its security analysis solution. In the recently released version of beSTORM, Beyond Security has added the capabilities to fuzz test Sun's RMI Protocol (Remote Method Invocation). This is the industry's first automated security testing tool for the RMI protocol which until recently was regarded as a transparent transport layer and is now fast becoming a target for attack.
beSTORM's ability to test this transport layer allows users to verify that their RMI supported application is safe from attack, and that it cannot be rendered unusable, or even worse - leveraged to attack the database or server on which the application connects to. beSTORM also provides a special certification that can be used to proof to customers that the platform is free from vulnerabilities, effectively increasing product value for customers.
beSTORM offers aupport for a wide range of transport layer protocols and can be used to test a variety of formats that are used by today's open and proprietary protocols. This includes support for SCTP, SSLv2, SSLv3, TLS and of course RMI.
Beyond Security's unique position in the security testing tools market comes from its unparalleled database of security holes. As the founder and operator of www.securiteam.com, the largest independent security portal in the world, Beyond Security has been building a database of known security holes in operating systems and software programs since 1998. Over 10,000 security holes in thousands of platforms, applications and devices have been documented on SecuriTeam.com. No other security vendor has a database of this magnitude, giving Beyond Security a distinct advantage over other companies with similar products.
beSTORM was launched in 2005 after a cumulative effort of three years of research and development. beSTORM performs exhaustive protocol analysis in order to uncover new and unknown vulnerabilities in network products. It is differentiated in that it does not require access to the source code, which makes it an ideal solution for testing third party products before they are implemented, a procedure often called "Blackbox testing".
A free trial version of beSTORM is publicly available and employs a client/server architecture that runs on Windows, UNIX and Linux.
For more information, please visit www.beyondsecurity.com/beSTORM.
About Beyond Security
Beyond Security, a privately-held company, develops leading vulnerability assessment and self-management solutions that facilitate preemptive, real-time and continuous network, server, database and application security. The company was founded in 1999 by the founders of SecuriTeam portal (www.securiteam.com), a leading source for vulnerability alerts and solutions serving 1.5 million monthly page views to IT security professionals. Beyond Security's founders are great believers in automation, which is why the company sells tools instead of using them to provide services. Beyond Security's goal is to decrease the number of security holes in products to manageable levels and empower software vendors to release secure products. For more information, visit www.beyondsecurity.com.