"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code

We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.

If you're serious about implementing protocols correctly, you need the Codenomicon tools."

-- Jeremy Allison,
   Co Creator of Samba


Codenomicon Products and Services for Carriers and Operators

Preemptively and proactively secure your network devices, applications and services

What is the Weakest Link in your Network?

Major telecommunications and carrier organizations have implemented the proactive Defensics testing solution to find zero-day vulnerabilities from their devices, applications and services. Testing helps them to reduce service outage risks, to improve application quality assurance, and to demand greater supplier and partner security-readiness. Defensics is a family of robustness testing tools (fuzzing tools, fuzzers) for generating unexpected message sequences and packets to identify and eliminate Denial of Service (DoS) situations in critical interfaces. Defensics has protocol test suites for more than 200 protocols, supporting both IETF and 3GPP specifications.

The complexity of Next Generation Networks (NGN) and Service Platforms such as IMS, LTE and WiMAX require deep understanding of the networks, and Codenomicon Network Analyzer is the best tool for analyzing and datamining the vast volume of traffic in modern telecommunication networks. It also provides a complete coverage for attack surface analysis. Codenomicon and its partners have been involved in tens of complex network auditing and penetration testing projects related to IMS and LTE.

 

Defensics in the SLDepC

(click to enlarge)

 

Codenomicon tools and services can be used in all phases of the secure development lifecycle in telecommunications, from software development life-cycle (SDLC), vendor selection, system test and staging, to tests in the live production environment. Codenomicon Unknown Vulnerability Management (UVM) process for Telecommunications will effectively close the doors before hackers even have a chance of hacking into and compromising your systems.

Unknown Vulnerability Management for Telecommunications

The deployment of new technologies always involves a high risk of unpredictable security, quality and interoperability issues. The source of this unpredictability is unknown vulnerabilities in the software.

Codenomicon's unknown vulnerability management tools help operators to gain more control over the deployment process and avoid any undesirable shortcomings that might affect the customer experience. Codenomicon's customers have already got good results from testing third party developed software, before integration, but even better results could be achieved by insisting that vendors utilize Codenomicon tools during development.

The earlier software is fuzzed the cheaper and easier it is to fix it and the more thorough the fixes are.

Read more from our whitepaper:

Key Security Challenges in Telecommunication

Greatest challenge in NGN is identifying and testing all critical interfaces. We have identified selected critical challenges below.

 

Critical Interfaces in NGN Telecoms

(click to enlarge)

 

New Wireless Access Technologies

Introduction of WiFi/WLAN, WiMAX and LTE to traditionally closed telecommunication networks will effectively open up the core and several critical components to attacks.

Software Quality

Crash level issues and security vulnerabilites are found in all communication technologies, and with the trend of outsourcing and offshoring development, building security in software products is becoming increasingly difficult.

Complexity

Modern telecommunication networks are being transitioned to All-IP, but the complexity of the architectures remains. Next generation network analyzers are required to map and understand that complexity.

Legacy Interconnects

SS7 will not be going away anytime soon, and new interconnects such as Sigtran and BICC will require extensive testing to ensure that NGN adaptation will not disturb the old legacy systems.

IPv6

The world of IPv4 is coming to an end, but the world is still not ready for IPv6. Majority of IPv6 enabled devices require extensive testing before being ready for the threats posed by the Internet.

Triple Play

IP connectivity, and the services such as IPTV, VoIP and data will require extensive security testing before the services are launched.

Find Defensics test solutions for 3G/4G LTE, IPv6, IPTV and VoIP from here.

Why Codenomicon Defensics

Codenomicon is the preferred service provider security test solution for several reasons. First of all, the black box negative testing solution provides significant known and new threat identification without requiring application code expertise. This significantly extends test assurance capabilities with nominal resource impact. Therefore, second tier quality assurance, partner test services and security analysts can all use the system to facilitate the identification of robustness flaws and security flaws – before they become costly, after-the-fact issues.

Secondly, Defensics coverage a broad spectrum of protocols and can even cover customer protocols – within a complete and documented test environment that can be immediately used for bug fix or fault notification purposes. Armed with detailed test flaw information, the most useful details can be easily shared by respective developers or vendors. Exact fix verification is a point and click away – saving time, effort and resources.

Lastly, Defensics is an intuitive, software-based solution which enables more distributed use – allowing efficient testing at multiple sites by multiple users. The system can even be run on a laptop to support moving between labs or traveling to partners. Unlike alternative approaches, Defensics offers all test configuration options in one easily understood screen – making product use more convenient and easier to describe to other test team members.

The solution’s ease-of-use, flexible implementation, strong test documentation and immediate regression testing are critical requirements for carriers and operators given the varying number of test environments, the significant number of networked systems and partner applications, the extensive infrastructure and solutions which impact millions of network platform customers.

Furthermore, Codenomicon Defensics can be used as a means for vendor / partner selection and as a means to test staged systems / infrastructure to determine security-readiness.

Read more comments from our customers in telecommunications from our whitepaper:

Network Analyzer for Telecommunications

Codenomicon Network Analyzer provides state-of-the-art visualizations not provided by any other network analyzer.

The Network Analyzer enables easy analysis and processing of IP-traffic. It is software-based and runs on almost all most common desktop operating systems. The Codenomicon Network Analyzer can support more than ten distributed real time data recording points, so called Codenomicon Network Recorders. It can also process hundreds of millions of packets quickly and intuitively. The Codenomicon Network Analyzer enables high-level analysis of captured traffic by generating both tabular views of network flows and helpful visualizations, such as network topology views, connection graphs and earthview maps. You can download the recorded the traffic from multiple Network Recorders, and store those in PCAPs for later processing in Network Analyzer, or Codenomicon Traffic Capture Fuzzer.

Read more about Codenomicon Network Analyzer: