Codenomicon Defensics has released the 3.10.0 version of Defensics 3. The Defensics engine, also called Suite Monitor, is the Defensics GUI component shared by all products, which provides an easy-to-use interface for controlling fuzzing test tools and test suites.
Its test case scaling functionality enables users to scale the number of test cases up or down based on intelligent anomaly profiles, allowing focus on the most critical product security risks. If users have more time for testing, and want to verify products against requirements with predefined amount of test cases before being able to pass the test, they can scale the number of test cases upwards. Users can also scale downwards if they have less time, but still want to make sure the highest risk issues are covered. The functionality will be gradually rolled out to most popular protocol testers.
The improved test project creation function enables users to bundle test executions into easy-to-manage projects, which will help automatically generate relevant test reports. This is useful if a device supports a wide range of interfaces and protocols, and users need to package the test results together, and manage the project as one entity.
The wireless scanner functionality has enabled integration of some wireless tools into the test engine. This allows users to benefit from improved test result features when using the company’s fuzzers for Bluetooth and WLAN (Wi-Fi).
The test performance has also improved, with a theoretical speed limit for HTTP server tests of around 1000 fuzz tests per second per test suite.
The testing solutions allow users to mitigate known and unknown threats in products and services prior to release or deployment. The Attack Simulation Engine is claimed to be the first state-aware test-case generator. It uses deep protocol models to intelligently target protocol areas most susceptible to vulnerabilities even in deeper protocol layers with high accuracy, while maintaining broad coverage through automatic test generation.