February 10, 2011 - Fuzzing 101 Webinar:

Unknown Vulnerability Management: Reporting and Mitigation

Codenomicon

About Fuzzing 101 and Codenomicon

Codenomicon has been active in the field of fuzzing since 1996. The company works with companies across industries to improve the security of a wide range of communication products and services. Fuzzing 101 webcasts provide vendor-neutral advice on fuzzing and demonstrate how fuzzing tools can be used for various purposes.

Abstract

It's what you don't know that makes you vulnerable

The security of enterprise networks is based on blind trust in vendors' product security practices. But based on our studies at Code Labs, the majority of enterprise software has minimal or no security built in. With Codenomicon Defensics, enterprise users can gain visibility into the true security and reliability of third-party developments by either running black-box tests themselves or insisting that vendors use Codenomicon Defensics or similar fuzzing tools.

Codenomicon's Unknown Vulnerability Management Lifecycle consists of four phases: Analysis, Testing, Reporting and Mitigation. This webcast will focus on the last two phases, Reporting and Mitigation.

In this webcast we will look at how collaborative tools can be used to share test environments and documentation between enterprises and vendors. You will learn how to generate different types of reports for different audiences, augment test case documentation with PCAP traffic recordings, and use the Remediation Package to report findings to third parties, such as vendors. You will also see how test case documentation can be used to create tailored IDS/IPS rules to block possible zero-day attacks.


Speakers

Ari Takanen

Ari Takanen, founder and CTO of Codenomicon, has been active in the field of software security testing research since 1998. He has focused on information security issues in next-generation networks and security critical environments. In his work at Codenomicon and OUSPG (Oulu University Secure Programming Group), Mr. Takanen's primary goal has been ensuring that new technologies gain wide public acceptance by providing means of measuring and solidifying the quality of networked software. Mr. Takanen is one of the members of the original PROTOS research project, which studied information security and reliability errors in e.g. WAP, SNMP, LDAP, VoIP implementations. Mr. Takanen is a distinctive member of the global security testing community, a noted author and a regular speaker at various testing and security conferences, universities and international corporations. He is an author of two books on VoIP security and security testing.


Note that the webcast will last approximately one hour five minutes, plus 25 minutes for Q&A.

