Security testing platform for app-aware infrastructures

At Black Hat USA 2016, Spirent Communications will be presenting CyberFlood, a security and performance testing platform suitable for complex testing scenarios.

With CyberFlood, users can ensure that their security and performance testing addresses their unique environments by emulating realistic traffic volume, threats, and attack scenarios including fuzzing, malware, and DDoS attacks.

Designed with team testing in mind, CyberFlood’s intuitive web UI extends easy-to-use best practices for faster, repeatable, and more accurate testing. Users can easily view all testing activities at-a-glance on the dashboard, including running and recently completed tests.

Whether local or globally-dispersed, teams including IT, QA and engineering can now quickly and effectively test, validate and roll out their app-aware devices and infrastructures. This includes sharing of test configurations, test results and test devices including physical appliances, modules and virtual endpoints. Fully extensible, CyberFlood allows teams to easily adjust test parameters to create unique attack patterns and finely tuned application mixes to test and stress security devices.

Some of the platforms’s key capabilities are:

• Fuzzing: To stay ahead of the evolving threat landscape, you need to think like a hacker and use tools superior to what they use to find issues within your solutions and services before they do. CyberFlood’s SmartMutation technology combines the two most common fuzzing techniques, generation-based and mutation-based, into an intelligent fuzzing strategy. This scalable solution gives you the greatest depth and breadth in your fuzzing.
• DDoS Attacks: Validating your DDoS mitigation strategy is more than just sending a bunch of traffic at your security infrastructure. CyberFlood combines both legitimate or normal traffic with DDoS attack traffic to confirm that your DDoS solution mitigates appropriately without inadvertently impacting legitimate users. Statistics are provided real-time to interactively measure both user experience and security mitigation.
• Malware: CyberFlood’s Advanced Malware offering is unique in quality and quantity. Thousands of new malware are added each month including zero-day malware providing customers a cutting-edge advantage in validating their security stance.
• Spirent TestCloud: Continually updated, Spirent TestCloud contains thousands of current applications and attacks as well as other subscribed content to ensure your testing library is up-to-date with the latest and most relevant content. CyberFlood leverages TestCloud to generate real application traffic with true state and authentic payloads based on actual usage for realistic security, load, and functional testing.

“Continual testing based on the current threat landscape is key to protect against new malware, the complexity of new threats and increased global security concerns,” said John Weinschenk, General Manager, Spirent Enterprise and Application Security. “Proactive and solid testing methodologies should take into consideration the four variables that cohesively function together to produce reliable test results. These are performance, availability, security and scale. CyberFlood was developed specifically to address all four of these critical areas.”