Menu
Idappcom seeks to displace penetration testers

Idappcom seeks to displace penetration testers

Idappcom's software checks to see if security products are really catching exploits and malware

A U.K. company is seeking to displace penetration testing companies with an appliance and software that can frequently test whether security devices are catching bad network traffic and exploits.

Idappcom's product, called Traffic IQ, runs traffic through two virtual machines configured the same as an organization's live network but isolated from it, said Anthony Haywood, chief technology officer.

Traffic IQ is loaded with the latest exploits and threats and can then see if commonly used network-based intrusion protection systems from vendors such as Sourcefire, McAfee, Juniper, Cisco, IBM and more are catching attacks.

Network intrusion detection systems can miss new exploits if the companies behind those products aren't doing the right research. Haywood said Idappcom engineers incorporate new exploits into its product from sources such as Metasploit, Packetstorm and SecurityFocus forums. About 50 to 60 exploits are added to Traffic IQ monthly, he said.

If a product does not detect a certain kind of exploit, Traffic IQ has an ability to create a Snort rule, which allows a security product to detect a type of malicious traffic.

"We are saying we can measure and fine tune and optimize your security to give the maximum level of protection and use the equipment that you use today," Haywood said. "You don't need to spend lots of money."

Security vendors often focus more on the throughput of their products rather than how many pieces of malware or exploits they can detect.

"A lot of vendors are focusing on who has got the biggest box," Haywood said. "Our customers are telling us it's not about who's got the biggest box -- it's all about the recognition and response capability."

Idappcom sells a perpetual license for its appliance, which means that security administrators can run it as many times as they like. Haywood contends this is better than penetration testing, which only shows a snapshot in time of what the network is capable of defending against.

Traffic IQ can also do an audit of change control procedures and regulatory compliance, Haywood said.

Idappcom has a free version of Traffic IQ that launched earlier in the month. Administrators will need to have some knowledge of scripts and packet capturing, however.

Idappcom's customers include Barclays bank, First Capital, AT&T and BT along with government organizations, among others, Haywood said.

Send news tips and comments to jeremy_kirk@idg.com


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareintrusionCompliance monitoringExploits / vulnerabilitiesDetection / preventionIdappcom

Events

SustainTech

Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.

WIICTA 2023

ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Brand Post

Show Comments