Webcasts
June 8, 2010 - Fuzzing 101 Webinar:
Fuzzing Use Cases
Abstract
Codenomicon has been involved with Fuzzing since 1996, and works with almost all industries on improving the security of a wide range of communication products and services. In this webcast, we have invited analysts from Frost & Sullivan to explain how they see the security market today, and how it is improving this year. Codenomicon will then present two case studies, one with the SDLC view of how the industry uses fuzzing today, and another on the results of a Crash Test Party where 30 students tested a wide range of products with state-of-the-art fuzzing tools.
Registration
The webcast will last approximately one hour + QA. Number of participants is limited to 100 registrants.
Register for a session now by clicking a date below:
- US West Coast: 9 AM
- US East Coast: 12 noon
- United Kingdom: 5 PM
- Germany, France: 6 PM
Speakers
Ari Takanen
Ari Takanen, founder and CTO of Codenomicon, has been active in the field of software security testing research since 1998. He has focused on information security issues in next-generation networks and security critical environments. In his work at Codenomicon and OUSPG (Oulu University Secure Programming Group), Mr. Takanen's primary goal has been ensuring that new technologies gain wide public acceptance by providing means of measuring and solidifying the quality of networked software. Mr. Takanen is one of the members of the original PROTOS research project, which studied information security and reliability errors in e.g. WAP, SNMP, LDAP, VoIP implementations.Mr. Takanen Takanen is a distinctive member of the global security testing community, a noted author and a regular speaker at various testing and security conferences, universities and international corporations. He is an author of two books on VoIP security and security testing.
Jessy Cavazos
Jessy Cavazos is the Industry Manager for the Test & Measurement Group at Frost & Sullivan. Ms. Cavazos joined in 2002 and has since focused most of her research on the communications test industry, covering the market for test equipment for communications products and services. Her research covers the entire product/network lifecycle from the lab to the field. Ms. Cavazos has published research on the security test market and more particularly robustness and security testing in the past focusing on challenges faced in that industry.
Long Description of this Fuzzing 101 session
Fuzzing is used in all steps of a product lifecycle, starting with software development lifecycle (SDLC) and later also in the product comparison and evaluation process in procurement and in security audits of existing deployed systems.
Frost & Sullivan is one of the rare analyst companies who have worked with a wide variety of fuzzing vendors across industries. In this webcast, for the first time in the industry they will pull all that information together to give us a view where commercial fuzzing tools are used, and where they see the dynamic product security market developing in the future.
Codenomicon presentation will be split in two parts. The first presentation will look at the fuzzing landscape from the perspective of customer distribution highlighting cases in which Codenomicon customers use fuzzing today. Second part will look at a specific example highlighting the use of fuzzing in a third party security audit in form of results from a Crash Test Party organized by Codenomicon in May 2010. In the event, 30 students were given access to state-of-the-art fuzzing tools to test equipment they brought with them to the event. Most products failed in matter of hours, and a few of the vulnerabilities in open source software were reported to CERT for corrective measures.
