Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Mu Security rolls out next-generation security analyzer, delivering strong ROI for service providers and vendors

  • 07 November, 2007 16:54

<p>Melbourne - November 7, 2007 - Mu Security, the leader in network security analysis systems, has announced a major new release of its flagship Mu-4000 Security Analyzer appliance.</p>
<p>The Mu-4000 improves the reliability and uptime of networked products and IP business services by proactively addressing robustness and resiliency factors before systems are deployed in production environments. As a result, Mu Security’s growing service provider customer base is avoiding service outages and reducing customer churn.</p>
<p>“In order to provide our customers with the highest quality service and reliability, we use the Mu-4000 to ensure the equipment deployed on our network is thoroughly tested prior to placing it into production," said Paul Farley, Director of Network Intelligence &amp; Security Engineering at Cox Communications. "Using the Mu-4000 to run virtually every conceivable testing scenario helps us live up to our customers’ expectations as their trusted provider of voice, video, data and wireless services.”</p>
<p>"The reactive spending on perimeter security or managed services has not been effective as network downtime and vulnerabilities continue to grow," says Mike Monticello, Security Analyst at Enterprise Management Associates. "That's why Mu Security's solution is becoming indispensable to users who want to methodically identify the root causes of robustness shortcomings or deep-seated vulnerabilities lurking within any IP-based product or service."</p>
<p>What’s New in Version 3</p>
<p>Mu Security’s third-generation solution maximizes customer ROI with new features including sharable analysis templates, interactive graphical response time charting and dynamic stateful protocol fuzzing as the basis for robustness analysis.</p>
<p>With the introduction of Sharable Analysis Templates, Mu Security is establishing strategic best practices for system testing across organizations. Organizations often find it very difficult to add security metrics or repeatable processes across groups. Typically, only a small, specialized incident response group within a company has security expertise, whereas the larger product certification/testing group often lacks sufficient security knowledge to test for product robustness.</p>
<p>Mu Security’s Mu-4000 platform now supports customizable analysis templates that easily transfer between Mu-4000 appliances to help disseminate scarce security knowledge within organizations. By capturing best practices that can be replicated, the new Mu-4000 is greatly simplifying robustness testing, and thereby enabling a repeatable security process as a key competitive differentiator for Mu’s customers.</p>
<p>"As a leading provider of products used in the world’s largest triple-play networks, Redback assures its carrier customers the highest levels of security for critical applications that require robust performance," said Rod Couvrey, vice president of software engineering at Redback. "Mu Security and their innovative Mu-4000 appliance help ensure that the Redback software engineering team leverages security analysis as a best practice to identify and remediate possible product vulnerabilities or quality issues as early as possible in our development lifecycle."</p>
<p>Response Time Chart Exposes Hot Spots</p>
<p>Latency-sensitive applications unable to process valid data in specific timeframes may not meet response-time goals or service level agreements. Legacy fuzzing tools have never before attempted to measure a target system’s ability to process valid traffic while being probed by invalid traffic.</p>
<p>With Response Time Charts, the updated Mu-4000 interactively exposes quality and availability issues to accelerate remediation. Customers can actively gauge a system's ability to maintain control and specific performance levels while processing unexpected inputs. In addition to hard failures (e.g., system crashes), users can now isolate hard-to-detect “soft faults” including memory leaks, CPU utilization spikes and rising latency levels to help service providers maintain SLAs by avoiding costly downtime.</p>
<p>Dynamic Stateful Fuzzing Ensures Deeper Attack Surface Coverage</p>
<p>Most static fuzzers tend to focus only on the protocol specification without any regard to how the target's implemented or deployed. This approach tends to have a least-common-denominator effect, making many static attack vectors irrelevant in the real world.</p>
<p>The new Dynamic Stateful Fuzzing engine overcomes these major limitations by first accessing the target system to map out the target’s exact capabilities. After this step, the engine computes a set of attack vectors tailored to the target, and then dynamically executes them. The result is much deeper attack surface coverage with more vulnerabilities being uncovered.</p>
<p>Furthermore, this is the only solution to support user-defined protocol extensions, allowing customers to use their Mu-4000 to dynamically construct attack vectors over and beyond what Mu provides out-of-the-box.</p>
<p>Many protocols have multi-packet exchanges, like HTTP or SIP dialogs. The only way to get deep coverage of the protocol implementation is to exercise it in all its valid and invalid states. Only the Mu-4000’s dynamic stateful fuzzing engine can deliver structurally and semantically invalid attacks in all the relevant states of stateful protocols. These attacks include valid packets sent at the wrong time, or packets that are never valid, but are designed to cause damage to the code that implements the protocol’s state machine(s). This latest Mu-4000 provides deeper and broader attack surface coverage, and enables customers to significantly reduce service-impacting vulnerabilities.</p>
<p>The updated Mu-4000 feature set is available immediately at no additional cost to existing support customers worldwide.</p>
<p>About Mu Security</p>
<p>Mu Security offers a market-leading security analysis system, delivering a rigorous and streamlined methodology for verifying the robustness and security readiness of any IP-based product or application. Founded by pioneers of intrusion detection and prevention technology, Mu Security is backed by preeminent venture capital firms including Accel Partners, Benchmark Capital and DAG Ventures. The company is headquartered in Sunnyvale, CA. For more information, visit the company's website at</p>
<p>Mu Security is represented in Australia and New Zealand by In Systems Pty Ltd, Melbourne.</p>
<p>For more information</p>
<p>Peter Long, In Systems Pty Ltd
Phone: (03) 8611 3901
Mobile: 0417-857 919</p>
<p>David Frost
PR Deadlines Pty Ltd
Phone: (02) 4341 5021
Mobile: 0408-408 210</p>

Most Popular

Editor's Recommendations

Solution Centres

Brand Page


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release