Twitter Linked In
 

Beyond Security

Company Overview


Beyond Security specialises in developing tools that uncover security holes in servers, expose vulnerabilities in the corporate network, check computer systems for the possibility of hostile external attacks and audit vendor products for security holes.

Beyond Security started its activities with the launch of the SecruiTeam web portal, which is considered today to be one of the leading security web sites on the Internet. The portal receives over 2.0 million page views a month and updates thousands of registered users on its daily security alert list.

The SecuriTeam web portal is a vital part of the company's activities and an essential competitive advantage.

Beyond Security utilised the knowledge accumulated in SecuriTeam to develop the Automated Scanning engine. Automated Scanning performs a security mapping of the organisation's network and simulates attacks originating from either the internal or the external network. Once the security mapping is complete, Automated Scanning generates a detailed vulnerability report specifying the security breaches, along with several practical and easy-to-apply solutions to fix those vulnerabilities. The engine is updated on a regular basis for the most recent security vulnerabilities.

Among Beyond Security's customers are financial institutes, hi-tech, ISPs, information security firms, cellular, telecom and e-commerce companies.

Training & Events

Sorry there are no training Courses offered by this Supplier.

beStorm
  • Find vulnerabilities during development
  • 'Smart Fuzzer' technology
  • Certify applications before purchase
  • Black Box Software Testing


    beSTORM performs comprehensive software security analysis and will discover vulnerabilities during development or after release.

    beSTORM represents a new approach to security auditing. This new approach is sometimes called "fuzzing" or "fuzz testing" and can be used for securing in-house software applications and devices, as well as testing the applications and devices of external vendors.

    Most security holes found today in products and applications are discovered by automated, blackbox software testing. beSTORM tries virtually every attack combination, intelligently starting with the most likely scenarios and detects application anomalies which indicate a successful attack. Thus security holes can be found almost without user intervention.

    How beSTORM Black Box Security Testing Works

    • Innovative beSTORM performs exhaustive analysis to uncover new and unknown vulnerabilities in any software. It's unique and powerful testing algorithm focuses on attacks that are most likely to succeed, thus producing results far faster than simple brute force testing. beSTORM does not need the source code to analyse and uncover vulnerabilities.
    • Broad range All Internet protocols can be tested using beSTORM - even complex protocols such as SIP (used in Voice over IP products) are supported.
    • Attack Prioritization Special attack prioritising algorithms allow beSTORM to start with the attacks most likely to succeed, depending on the specific protocol that is audited. This saves considerable time during the audit process and highlights the most important problems, first.
    • Report accuracy beSTORM checks the application externally by triggering actual attacks. Vulnerabilities are reported only if an actual attack has been successful, for example if a buffer overflow has been triggered. Simply put, beSTORM emulates an attacker. If the attacker cannot carry out the attack, beSTORM will not report it, effectively reducing the number of false positives.
    • Protocol compliance beSTORM is able to convert the protocol standard text to automated set of tests by converting the BNF description used in technical RFC documents to attack language. This ensures that the entire functionality of the system is checked, and enables to quickly find bugs that otherwise surface only months or years after the product is released to the market.
    • Comprehensive analysis beSTORM detects vulnerabilities by attaching to the audited process and detecting even the slightest anomalies. By doing so, beSTORM can find attacks as subtle as 'off-by-one' attacks, as well as buffer overflow attacks that do not crash the application.
    • Scaling beSTORM is extremely scalable, with the ability to use multiple processors or multiple machines to parallelize the audit and substantially reduce the testing duration.
    • Extensibility beSTORM tests the protocol rather than the product, and therefore can be used to test extremely complicated products with a large code base.
    • Flexibility beSTORM's protocol analysis can be easily extended to support your proprietary protocol.
    • Language independent beSTORM tests the binary application, and is therefore completely indifferent to the programming language or system libraries used. beSTORM will report the exact interaction that triggers the vulnerability, and the programmers can now debug the application with whatever development environment they wish to see what causes the fault.
    beStorm
    Name
    Organisation
    Phone
    Email
    Enquiry
    Verification Code:
     
    Contact us
    Australia:+61 (0)2 8012 9810
    Singapore:+65 9297 1289
    Customer Service:
    Technical Support:
    Training Bookings:
     
    Register For the Fulcrum Newsletter HERE

    © Fulcrum Management 2012
    Name
    Email
    Organisation
    Phone
    Verification Code:
    Name
    Email
    Organisation
    Phone
    Verification Code: