Spirent Communications has announced the release of an update to its flagship security test product, CyberFlood, with new features and capabilities that include the industry’s first pre-emptive means to validate exposure to the recent outbreak of WannaCry ransomware. This release also strengthens fuzzing capabilities with support for IoT and industrial control protocols, and greater support for common DDoS (distributed denial-of-service) attacks, among other features. It represents a major expansion of CyberFlood’s capabilities, addressing new markets and providing near-zero-day testing for the latest application scenarios, attacks and malware.
“With this release, we are continuing to provide security thought leadership and real-time protection validation for our customers at a time when malware and DDoS attacks are skyrocketing,” said David DeSanto, director of product management and threat research at Spirent Communications. “We have a long history of supporting a wide variety of protocols and we continue to stay ahead of the curve in empowering enterprises, service providers and equipment manufacturers to take proactive measures to ensure high performance and security efficacy with no false positives in their networks.”
WannaCry Detection : WannaCry is the latest high-profile cyber security attack in an exponentially growing variety of cyber-attacks that has test teams scrambling to quickly and effectively test their application-aware systems and networks. Less than two weeks after the May 12 ransomware attack struck computers running Microsoft Windows, Spirent released WannaCry malware scenarios via the Spirent TestCloud real-time content feed—a core component of CyberFlood that enables users to stay ahead of the latest malware and botnets. CyberFlood was the first testing solution to offer proactive testing to validate protection for WannaCry and released WannaCry validation support ahead of any other commercial testing solution.
Advanced Fuzzing Update : CyberFlood now offers protocol fuzzing of IoT devices and expands coverage for Industrial Control Systems. This includes support for MQTT—a lightweight messaging protocol commonly used in IoT. Given the high frequency and costliness of IoT data breaches and security incidents, the ability to fuzz IoT protocols meets a growing need among IoT device manufacturers and customers using IoT devices.
This release also adds support for protocols such as IEC 61850, the global standard for communication in electrical substations, as well as other SCADA protocols used in the power industry including IEC 104 and MMS.
Protocol DDoS Attacks : CyberFlood expands its DDoS attacks library with the launch of its Protocol DDoS Attacks feature allowing users to validate their security protection against the rising tide of DDoS attacks. Users can now generate multi-gigabits-per-second (Gbps) of protocol-level attacks designed to compleletly consume and stress the “network state” within firewalls along with other security mitigations services. All new DDoS attacks can be leveraged in Attacks-Only mode and mixed with legitimate traffic to measure the true impact on legitimate users of mitigatng the DDoS attack. CyberFlood Protocol DDoS Attacks helps customers validate their security coverage for common trending DDoS attacks and is a great companion to the currently available Volumetric DDoS Attacks feature.
“With the increasing volume and variety of cyber-attacks, security testing platforms now more than ever need to be able to test both real-world traffic patterns and a range of current threats in order to be effective,” said Scott Crawford, Research Director, Information Security, 451 Research. “Those that fail in this are at risk of being blind to exposures that attackers can see clearly.”
Availability : CyberFlood v17.2.0 is available today to Spirent’s customers via a simple upgrade that is downloadable from the Spirent Customer Support site.