Products

Synopsys Application Security

Defensics - Proactively Discover and Remediate Unknown Vulnerabilities

Synopsys Defensics Image 1 Synopsys Defensics Image 2

Organizations increasingly depend on information technology to process vital data and for operations. It is estimated that as of today, there are 13 billion devices connected today. By 2020, this number is expected to grow to 25 billion. This enormous growth presents cyber attackers an opportunity to breach security and compromise organizations' data. An organization needs to be proactive in detecting unknown vulnerabilities in business-critical software and devices. Since it is better to detect and prevent anomalies earlier than later, there is a need for software that discovers and remedies unknown vulnerabilities early in the development lifecycle and supply chain.

Defensics from Synopsys is a powerful testing platform that enables developers and asset owners to proactively discover and remediate unknown vulnerabilities in software and devices. It uses fuzzing to identify and mitigate potential security threats.

A fuzzer is a piece of software that tests a piece of target software and fuzzing is the process of sending intentionally malformed inputs to a piece of software to see how it reacts. If it fails, it indicates a bug, which can then be fixed to improve the robustness and security of the target software. Fuzz testing exposes software defects and vulnerabilities more effectively than any other solution in the market.

Defensics is a fuzz testing tool that dynamically triggers and detects unknown vulnerabilities in a test environment and can be used proactively to preempt security attacks.

Key Features of Defensics

  • Fully-automated testing platform with pre-built test suites relieve the responsibility and burden of manual test creation.
  • Utilizes various techniques to generate effective test cases, including “template,” “generational,” and “evolutionary” test engines.
  • Supports advanced techniques for detecting failures and anomalous behavior, including valid case or functional response, resource monitoring, dynamic binary analysis, and source code instrumentation.
  • Advanced test suites available for 290+ network protocols, file formats, and other interfaces. Test suites are continuously added, improved, and supported by a dedicated team of test developers.
  • Thorough documentation and reporting features allow Defensics to identify the root cause of critical failures in such a way that they are repeatable, easy to understand, and can be shared with the stakeholders involved in the remediation process.

Supported Protocols
(Not All Protocols Listed)

  • (MEF-16)
  • BACNET
  • BFD
  • BFD
  • BGP4+
  • BICC/M3UA
  • Blueooth LE
  • Bluetooth
  • CAN Bus
  • CFM
  • CIFS/SMB
  • CIP
  • CMP v2
  • COAP
  • CWMP (TR-69)
  • DHCP/BootP
  • DHCPv6
  • Diameter
  • DICOM
  • DNP3
  • DNS
  • DTLS
  • DVMRPv1
  • DVMRPv3
  • E-LMI
  • EAPoL/802.1x
  • ESTP
  • Ethernet
  • FCoE + FIP
  • FIX
  • FTP
  • GARP 802.1D
  • GRE
  • GTPv0
  • GTPv1
  • GTPv2-control
  • H.248
  • H.264
  • H.264 RTP
  • H.323
  • HTTP
  • IEC 60870-5-104
  • IEC 61850/Goose/
  • SV
  • IEC 61850/MMS
  • IEE1588 PTP
  • IKEv2
  • IMAP4
  • IPMI
  • IPSec
  • IPv4
  • IPv6
  • IS-IS
  • ISAKMP/IKEv1
  • ISASecure Solution
  • iSCSI
  • JSON format
  • Kerberos
  • L2TPv2/v3
  • LACP (802.3ad)
  • LDAPv3
  • LDP
  • LLDP (802.1AB)
  • MAP
  • MIME
  • ModBus
  • MP4
  • MPLS
  • MQTT
  • MSDP
  • MSRP
  • NetBIOS
  • NFS v2/v3
  • NFS v4.0 / v4.1
  • NHRP
  • NTP
  • OAM (802.3ah)
  • OCSP
  • openFlow
  • OSPFv2
  • OSPFv3
  • PBB-TE
  • PBT (802.1ah)
  • PCP
  • PIM-SM/DM
  • PMIPv6
  • POP3
  • PPPoE
  • Profinet DCP (PLC)
  • Profinet PTCP (PLC)
  • RADIUS
  • RIP
  • RIPng
  • RSVP
  • RTP/RTCP/SRTP
  • RTSP
  • S1AP
  • SCEP
  • SCTP
  • SIP
  • SIP-I
  • SMBv2
  • SMBv3
  • SMPP SMS
  • SMS PDU/File
  • SMS SMPP
  • SMTP
  • SNMP Trap
  • SNMPv2c
  • SNMPv3
  • SOCKS
  • SSH1
  • SSH2
  • STP
  • STUN
  • SunRPC
  • SyncEthernet
  • Syslog
  • Telnet
  • TFTP
  • TLS 1.2
  • TLS/SSL 1.0/1.1
  • SSL3
  • Traffic Capture
  • Fuzzer
  • Trill
  • TURN
  • Universal ASN.1
  • BER
  • Universal Fuzzer
  • UPnP
  • vCalendar format
  • vCard format
  • VRRP
  • Web Application
  • Web Socket
  • Wi-Fi AP
  • Wi-Fi AP WPA
  • Wi-Fi Client
  • Wi-Fi Client WPA
  • WMV
  • WPA Enterprise
  • X.509v3
  • XML File
  • XML SOAP
  • XMPP