Press Releases
CODENOMICON WORKS WITH INDUSTRY TO OVERCOME XML VULNERABILITY & ROBUSTNESS ISSUES
Codenomicon continues clear path of technology leadership and security innovation with its recent XML research work, allowing multiple industry sectors to see glaring XML security issues for the first time
Cupertino, Calif. - Tuesday Feb 24, 2009 - Codenomicon, Ltd., the leader in protocol robustness and security test solutions, today announced its flagship XML testing product allowing the industry to clearly understand the existing security weaknesses in many open source and commercially deployed products taking advantage of XML technology.
Through its pioneering use of Fuzzing test methodology, Codenomicon's XML solution is able to pro-actively diagnose currently unknown-vulnerabilities, as opposed to screening for already known-vulnerabilities which are much less valuable to a hostile third party. With double the installed base of any security vendor, Codenomicon is the market leader in providing cutting edge vulnerability and robustness testing solutions for the Telecom and Data networking industry. Born from research conducted by the Secure Programming Group at the University of Oulu, Codenomicon's XML solution has uncovered a raft of glaring security issues in already deployed XML products and services. "Codenomicon is taking an early lead in XML testing, particularly with unknown-vulnerabilities and Fuzzing test methodology" said David Chartier, CEO of Codenomicon & secure XML advocate. "Healthcare, Financial services, Industrial automation, Enterprise systems as well as existing large-scale Telecom & Data infrastructures are increasingly vulnerable due to flaws in XML implementations."
XML is a technology which is fast replacing the existing model of using Protocols to convey communication information between devices, or between services and users. Technologies such as .NET, Simple Object Access Protocol (SOAP), Service Oriented Architecture (SOA), Supervisory Control and Data Acquisition (SCADA) and Web-service overlays make increasing uses of XML. Due to a lack of widely available intelligent Fuzzing solutions the XML industry has had little opportunity to find and fix the unknown-vulnerabilities which can lead to security issues resulting in reduced network and service uptime. "Codenomicon has found a critical focus area which expands beyond web testing, where the XML industry has an opportunity to proactively assess the security holes contained in everyday services used by the general public" said Prof. Howard A. Schmidt, former White House Cyber Security advisor & Codenomicon board member. "I would hope the industry warmly welcomes both the research results and an innovative testing solution to help diagnose the problems."
Through its Codenomicon Labs facility, Codenomicon has been extensively testing XML implementations for some time and will be releasing the collated results to the public at a forthcoming industry event. Codenomicon will be advising key members of the XML community, its partners and customers of the findings ahead of the public results announcement in accordance with its safe disclosure policy.
About Codenomicon Ltd.
Codenomicon makes security and quality testing software that allows the user to quickly find and identify both known and previously unknown flaws before business-critical products or services are deployed. Their unique, targeted approach to Fuzz testing of networked and mobile offerings exposes more flaws and weaknesses than any other testing platform or methodology. Companies rely on Codenomicon's solutions to stop threats such as Distributed Denial of Service (DDOS) and Zero Day Attacks that increase liability, destroy business reputations and cripple sales. For more information, visit www.codenomicon.com.
Follow us on:
