How can I certify my product?
Download beSTORM, select the appropriate protocol module (or auto-learn for proprietary protocols) configure your product to work in a production-like configuration and launch beSTORM against it.
As soon as beSTORM completes its run you will receive a report indicating whether your product has passed the required certification requirements or whether it has failed any of them.
Running a full beSTORM session will deliver several million different attack scenarios against your product and enable you to certify that it’s ready for the real world and safe from any security weaknesses such as buffer overflows and format string vulnerabilities.
Many of beSTORM’s standard protocol modules include both the RFC specifications and proprietary implementations. One example is the FTP protocol module.
Can beSTORM test proprietary protocols?
beSTORM has a unique feature that allows it to auto-learn any network protocol by analyzing sample data and determining the protocol description.
Example: File Transfer Protocol (FTP)
beSTORM tests the server and client side of the FTP protocol, with strong emphasis on support for the following RFCs: RFC 959, RFC 949, RFC 1639, RFC 2228, RFC 2389, RFC 2428 and RFC 2640. These RFCs include the specification from the most basic FTP commands USER and PASS, up to the more complex PBSZ and AUTH directives.
Using just one its many protocol modules, beSTORM can verify that an FTP server or client will not fail in a hostile environment.