Idappcom seeks to displace penetration testers

Idappcom's software checks to see if security products are really catching exploits and malware

A U.K. company is seeking to displace penetration testing companies with an appliance and software that can frequently test whether security devices are catching bad network traffic and exploits.

Idappcom's product, called Traffic IQ, runs traffic through two virtual machines configured the same as an organization's live network but isolated from it, said Anthony Haywood, chief technology officer.

Traffic IQ is loaded with the latest exploits and threats and can then see if commonly used network-based intrusion protection systems from vendors such as Sourcefire, McAfee, Juniper, Cisco, IBM and more are catching attacks.

Network intrusion detection systems can miss new exploits if the companies behind those products aren't doing the right research. Haywood said Idappcom engineers incorporate new exploits into its product from sources such as Metasploit, Packetstorm and SecurityFocus forums. About 50 to 60 exploits are added to Traffic IQ monthly, he said.

If a product does not detect a certain kind of exploit, Traffic IQ has an ability to create a Snort rule, which allows a security product to detect a type of malicious traffic.

"We are saying we can measure and fine tune and optimize your security to give the maximum level of protection and use the equipment that you use today," Haywood said. "You don't need to spend lots of money."

Security vendors often focus more on the throughput of their products rather than how many pieces of malware or exploits they can detect.

"A lot of vendors are focusing on who has got the biggest box," Haywood said. "Our customers are telling us it's not about who's got the biggest box -- it's all about the recognition and response capability."

Idappcom sells a perpetual license for its appliance, which means that security administrators can run it as many times as they like. Haywood contends this is better than penetration testing, which only shows a snapshot in time of what the network is capable of defending against.

Traffic IQ can also do an audit of change control procedures and regulatory compliance, Haywood said.

Idappcom has a free version of Traffic IQ that launched earlier in the month. Administrators will need to have some knowledge of scripts and packet capturing, however.

Idappcom's customers include Barclays bank, First Capital, AT&T and BT along with government organizations, among others, Haywood said.

Send news tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags Detection / preventionintrusionsecurityIdappcomExploits / vulnerabilitiesmalwareCompliance monitoring

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts