Webcasts
July 6, 2010 - Fuzzing 101 Webinar:
Zero Day Vulnerability Management
About Fuzzing 101 and Codenomicon
Codenomicon has been involved with Fuzzing since 1996, and works with all industries on improving the security of a wide range of communication products and services. Fuzzing 101 webcast provides vendor neutral advice on fuzzing, and demonstrates Fuzzing capabilities through demonstrations.
Abstract
In this webcast, we explore the process of zero-day vulnerability management from initial threat analysis to automated detection and remediation. We will demonstrate how easy it is to detect attack vectors and to quickly assess the reliability and security of those interfaces using general purpose fuzzing solutions. We will also show you how you can complement these solutions with known vulnerability data and do patch verification easily and cost-effectively. Finally, we will discuss how you can tailor your defenses to block zero day attacks, which is a key aspect of vulnerability management.
Speakers
Ari Takanen
Ari Takanen, founder and CTO of Codenomicon, has been active in the field of software security testing research since 1998. He has focused on information security issues in next-generation networks and security critical environments. In his work at Codenomicon and OUSPG (Oulu University Secure Programming Group), Mr. Takanen's primary goal has been ensuring that new technologies gain wide public acceptance by providing means of measuring and solidifying the quality of networked software. Mr. Takanen is one of the members of the original PROTOS research project, which studied information security and reliability errors in e.g. WAP, SNMP, LDAP, VoIP implementations.Mr. Takanen Takanen is a distinctive member of the global security testing community, a noted author and a regular speaker at various testing and security conferences, universities and international corporations. He is an author of two books on VoIP security and security testing.
Long Description of this Fuzzing 101 session
In this webcast, we explore the zero-day vulnerability management process, starting from initial threat analysis to automated detection and vulnerability remediation.
We will demonstrate how easy it is to detect attack vectors and quickly assess the reliability and security of those interfaces using general purpose fuzzing solutions. The process is very simple. With e.g. Codenomicon Network Analyzer or Wireshark, you can map both the open server ports and active client-side software, and collect the found threat vectors in form of easily reusable PCAP files. Feeding the identified threat vector data to a general purpose fuzzing framework such as Defensics Traffic Capture Fuzzer will test all open interfaces in matter of minutes.
An important aspect of zero-day vulnerability management is proactive patch verification. Complementing the found threat vectors from proactive zero-day discovery with known vulnerability data, you can do patch verification easily and cost-effectively.
And finally key aspect of vulnerability management is how you tailor your defences to block those zero day attacks. With model-based zero-day detection techniques you will easily integrate the found threat signatures to preventive tools such as Intrusion Detection Systems (IDS).
Download / View Online
Note that the webcast will last approximately one hour + 30 minutes for QA.
Original Registration Details
The webcast will last approximately one hour + QA. Number of participants is limited to 100 registrants. The webcast will be available as a recording after the webcast.
Register for a session now by clicking a date below:
- United Kingdom: 9 AM
- Germany, France: 10 AM
- Japan, Singapore: 4 PM
- US West Coast: 9 AM
- US East Coast: 12 noon
- United Kingdom: 5 PM
- Germany, France: 6 PM
