1 Apr 2009 |
Software Test & Performance:
Making a Career of Evil - Using A Hacker's Tool to Secure Your Apps
- By Ari Takanen
Fuzz testing turns the tables on those that would do harm. Learn about
this negative testing technique that takes penetration to a whole new level.
STP Magazine cover story by Codenomicon CTO Ari Takanen.
<download STP magazine> |
| 2008 |
11 June 2008 |
CM Crossroads: Steve Hayes talks about Defensics 3.0
By Megan O'Meara
Defensics 3.0 is the new release from Codenomicon. At STAREAST 2008, we discover they do testing from layer 6 down to layer 2 looking for security issues, showing their customers where the first initial attacks might be, and help by exposing their vulnerability.
<view video> |
3 June 2008 |
CNET News.com: Codenomicon CTO discusses tackling vulnerabilities
By Robert Vamosi
CNET's Robert Vamosi speaks with Ari Takanen of Codenomicon about whether companies do a good job of finding and fixing their own vulnerabilities.
<full
article> |
15 Apr 2008 |
ComputerWeekly.com: Climate of fear casts shadow over RSA
By Ian Grant
Increasing network complexity, identity authentication, tougher regulation, poorer enforcement, a free-for-all for collecting and storing personal data, and the consumerisation of network-enabled devices combined to
induce a feeling that things cannot go on as they have any more.
<full
article> |
07 Apr 2008 |
ComputerWeekly.com: Security forecast: smartphones
By Ian Grant
The modern mobile phone comes in two basic varieties. The more secure version is a stripped down 2G phone with very little data functionality. There are still some issues related to 2G confidentiality. First is the possibility that someone will eavesdrop your communications. The second concern is availability: what happens if everyone calls at the same time? But aside from these concerns, it is quite simple piece of equipment.
<full
article> |
1 Apr 2008 |
Virtually Informed: Ari Takanen speaks on software security
Ari Takanen, CTO, Codenomicon, speaks at Infosec Europe April 2008 on software security in video interview
<view videos> |
1 Apr 2008 |
Dark Reading: Codenomicon Upgrades Platform
Codenomicon announces next-generation security testing software with unmatched ability to identify flaws before
products ship.
<full
article> |
1 Apr 2008 |
Dr. Dobb's: Fuzzing, Model-based Testing, and Security
By Jonathan Erickson
"Model-based fuzzing has many names. Fuzzing itself refers to a security testing approach where random or
semi-random inputs are sent to software in attempt to crash it. The term itself was coined by Dr. Miller in the early 1990s to
describe his command-line fuzzer, which was used to test various commands in different operating systems."
<full article (PDF)>
<full article (HTML)>
|
1 Apr 2008 |
Info Security Products Guide: Eliminating risk through
proactive, pre-emptive quality assurance tools By Rake Narang
Codenomicon's objective is to ensure the security and robustness of any application or service implementation. Development and security personnel in a lab or staged environment use Codenomicon DEFENSICS to fortify quality
and security assurance - quickly, easily and reliably. The test software offers a systematic blackbox and negative test methodology uniquely capable of revealing un-desired behavior and issues in protocol implementations.
<full
article> |
08 Feb 2008 |
Processor: Build A Better Wireless Shield
By Christian Perry
When enterprises make the move from a wired to
wireless infrastructure, the danger of disregarding the importance of
security often rears its head. The myriad challenges inherent with
simply installing and maintaining a wireless network can easily push
security to the wayside. However, that trap can prove fatal.
<full
article> |
01 Feb 2008 |
Darkreading: The Buzz Around Fuzzing
Security researchers long have sworn by it, and now many enterprises, developers, and service providers
are turning to an increasingly popular method of identifying security vulnerabilities: fuzzing.
<full article> |
| 2007 |
01 Nov 2007 |
TMCnet: Codenomicon Introduces DEFENSICS for WLAN
Often, the biggest challenge faced by the developers of wireless consumer devices, public broadband infrastructure vendors and network service providers is the challenge of identifying product flaws and security vulnerabilities early in the production process. If these flaws go unidentified and if they remain in the final product, it will hamper the performance of the product and harm the reputation of the company.
<full article> |
05 Oct 2007 |
San Jose Business Journal:
Finnish lines are crossing to San Jose
By Timothy Robers
When a Finnish company sews up the technology market in Finland, it's still got only the 0,5 percent of
the global markket. And so it is not surprising that Finnish companies are lookin beyond their borders.
<full
article> |
11 Sept 2007 |
Computer Technology Review: Storage Vendors and
Service Providers Can Now Offer
More Resilient and Secure Offerings
This week the Storage Network Industry Association (SNIA)
had a decent turnout for its Storage Developers Conference which
targets storage developers, architects, and engineers from the
world.s leading storage vendors and service providers. The event,
which garnished over 300 participants, covered such topics as
distributed and content aware storage, data management and
continuous data protection, and security.
<full
article> |
04 Sep 2007 |
FT REPORT - FINLAND:
Pro-active approach opens global doors
By Robert Anderson, Financial Times
Codenomicon is a typical Oulu high-tech start-up company with a very untypical attitude. "We are more American than the Americans," says Ari Takanen, chief technical officer and one of the founders. Unlike many other local start-ups, it has also successfully expanded abroad while remaining largely Finnish-owned and run.
Codenomicon produces software testing tools for web, network, wireless and digital media customers and then test and eliminate security and robustness weaknesses that, for example, allow hackers easy access.
<full article> |
16 Aug 2007 |
Network World:
VoIP requires strict attention to security best practices
Despite the genuine possibilities of attack, some experts say that VoIP is more secure than the traditional public switched telephone network (PSTN).
“The VoIP system is much more secure than traditional systems,” says Ari Takanen, founder and CTO of Codenomicon, which makes software security-testing tools. Speaking at the recent VON Europe 2007 conference, he acknowledged VoIP vulnerabilities, but said they were not insurmountable. “IP systems are more exposed, but you have more security that you can install,” he says. “If you don’t use it — that’s stupid.”
<full article> |
20 Apr 2007 |
Dark Reading: Want Turns to Need
Software security is no longer an emerging discipline, and here's why enterprises should care
<full article> |
26 Mar 2007 |
Byte and Switch: Codenomicon announced Defensics Filesystems & Storage solution for securing the networked storage systems
<full article> |