Software Vulnerability Testing
Identify and Resolve Software Flaws Before They Become a Security Threat
While traditional software testing provides a robust means of testing software function and performance under a range of expected conditions, it often fails to identify weaknesses that can arise from unexpected inputs. When faced with such inputs, many network devices can fail, or behave in unexpected ways.
A classic example is a malformed packet, which could cause a buffer overflow in the system controlling a network device. Traditional testing may not address such a condition, since the input is essentially random "nonsense". However, the software error that results could open the device to control by unauthorized, outside entities. In fact, hackers exploit these failures (known as "zero day" vulnerabilities, since they often are not identified until the device is deployed and operational) to gain unauthorized access to Internet-accessible resources.
Telcordia Software Vulnerability Testing service, available to both network equipment providers (NEPs) and Communications Service Providers (CSPs), helps identify and resolve software flaws that can cause unexpected security and performance weaknesses in network devices. It is an increasingly important and necessary complement to traditional software testing.
What is Telcordia Software Vulnerability Testing?
Telcordia Software Vulnerability Testing is a suite of intelligent, model-based tests that are applied against any network device's external interfaces. It utilizes the state-of-the-art Codenomicon DEFENSICS™ testing platform to perform random-input or "fuzz" testing, which assesses software from the outside in.
The DEFENSICS platform is recognized throughout the industry for its ability to find quality, resiliency, and security exposures quickly, and within the broadest array of applications. This approach identifies vulnerabilities that traditional tests often miss. Our software vulnerability testing service provides a technical analysis report documenting the test results that a vendor can use to determine the root cause of the identified flaws prior to extensive product deployment.
Why Telcordia?
Telcordia Software Vulnerability Testing service delivers results you can trust, from the industry's most experienced testing organization. We are able to meet aggressive schedules and test any device whether currently in production or in development. Equipment vendors and CSPs who use this software vulnerability assessment service can enhance in-house quality assurance processes and obtain rapid testing results without incurring the otherwise sizable investment in test environments and staff training.
As a result, vendors can deliver more reliable and secure products to their customers, while CSPs can deploy devices with a much higher degree of confidence.