Testing for app-aware infrastructures

Spirent CyberFlood™ is a next-generation testing solution to validate the security, performance and scalability of app-aware infrastructures from enterprise to carrier-grade network capacity.

  • Wednesday, 3rd August 2016 Posted 8 years ago in by Phil Alsop

Spirent Communications' CyberFlood™, a next-generation security and performance testing solution, is an easy-to-use, comprehensive testing platform suitable for complex testing scenarios.  Users can ensure that their security and performance testing addresses their unique environments by emulating realistic traffic volume, threats, and attack scenarios including fuzzing, malware, and DDoS attacks.

 

Designed with team testing in mind, CyberFlood’s intuitive web UI extends easy-to-use best practices for faster, repeatable, and more accurate testing.  Users can easily view all testing activities at-a-glance on the dashboard, including running and recently completed tests.  Whether local or globally-dispersed, teams including IT, QA and engineering can now quickly and effectively test, validate and roll out their app-aware devices and infrastructures.  This includes sharing of test configurations, test results and test devices including physical appliances, modules and virtual endpoints.  Fully extensible, CyberFlood allows teams to easily adjust test parameters to create unique attack patterns and finely tuned application mixes to test and stress security devices.

 

“CyberFlood differentiates itself on security.  An example would be its Advanced Malware offering.  This new offering provides thousands of new malware samples per month including zero-day malware allowing you to find the holes in your threat landscape”, said David DeSanto, Director, Products and Threat Research of Spirent Communications.  “CyberFlood Advanced Fuzzing combines the two main fuzzing strategies, generation-based and mutation-based, into one new intelligence driven strategy to provide you greater depth and breadth in your testing to find more issues than previously possible.”


CyberFlood helps enterprises, services providers and network equipment manufacturers validate their services, devices and infrastructures today as well as prepare for the future.  Some of the CyberFlood’s key highlights are:

 

  • Fuzzing: To stay ahead of the evolving threat landscape, you need to think like a hacker and use tools superior to what they use to find issues within your solutions and services before they do. CyberFlood’s SmartMutation™ technology combines the two most common fuzzing techniques, generation-based and mutation-based, into an intelligent fuzzing strategy. This scalable solution gives you the greatest depth and breadth in your fuzzing.


  • DDoS Attacks: Validating your DDoS mitigation strategy is more than just sending a bunch of traffic at your security infrastructure. CyberFlood combines both legitimate or normal traffic with DDoS attack traffic to confirm that your DDoS solution mitigates appropriately without inadvertently impacting legitimate users. Statistics are provided real-time to interactively measure both user experience and security mitigation.


  • Malware: Today, malware is extremely nefarious and problematic. Between 2010 and 2015, there has been a 700% increase in the number of malware programs in the wild. CyberFlood’s Advanced Malware offering is unique in quality and quantity.  Thousands of new malware are added each month including zero-day malware providing customers a cutting-edge advantage in validating their security stance.


  • Spirent TestCloud: Continually updated, Spirent TestCloud contains thousands of current applications and attacks as well as other subscribed content to ensure your testing library is up-to-date with the latest and most relevant content.  CyberFlood leverages TestCloud to generate real application traffic with true state and authentic payloads based on actual usage for realistic security, load, and functional testing. 

 

“Continual testing based on the current threat landscape is key to protect against new malware, the complexity of new threats and increased global security concerns,” said John Weinschenk, General Manager, Spirent Enterprise and Application Security.  “Proactive and solid testing methodologies should take into consideration the four variables that cohesively function together to produce reliable test results. These are performance, availability, security and scale. CyberFlood was developed specifically to address all four of these critical areas.”