"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code

We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.

If you're serious about implementing protocols correctly, you need the Codenomicon tools."

-- Jeremy Allison,
   Co Creator of Samba


"Codenomicon has found a critical focus area which expands beyond web testing, where the XML industry has an opportunity to proactively assess the security holes contained in everyday services used by the general public. I would hope the industry warmly welcomes both the research results and an innovative testing solution to help diagnose the problems."

Prof. Howard A. Schmidt
former White House Cyber Security advisor & Codenomicon board member

DEFENSICS™ for XML   pdf

Introduction | Test Solution | XML Security Challenge | Screenshots

DEFENSICS Test Solution

The Codenomicon DEFENSICS test platform provides solutions for preemptive security and robustness testing for a wide variety of systems and services ranging from consumer electronics to high end network devices and operator environments. In robustness testing, or fuzzing, large amounts of intentionally malformed test vectors are sent to the system under test, while the behavior of the system is monitored under the unexpected inputs. By simulating attack scenarios and malfunction conditions, systems can be hardened before their commercial deployment.

DEFENSICS is the most effective automated negative black-box testing solution in the market for developers, service providers and enterprises seeking to mitigate security exposure and system failure risks in their applications, devices and services. Model-based fully stateful fuzzing guarantees thorough input space coverage and also addresses problematic corner cases. DEFENSICS supports over 150 different protocols and media formats, an unparalleled achievement in the security testing market. With the introduction of XML support, DEFENSICS became the only solution covering the whole application stack from Layer 2 to the Application layer, even including often vulnerable Digital Media processing and Wireless interfaces.

According to independent studies, the Codenomicon DEFENSICS security and robustness test platform remains unmatched in its ability to find quality, resiliency and security exposures quickly within a broad array of applications. Codenomicon is recognized in the industry for its innovations in negative black-box testing. These capablities are demonstrated by our unique test methodology, which is not only rigorous and systematic, but also enables repeatable tests.