[cvsnt] Simulated DDoS Network Attacks and Network Intrusions

andyoo at csua.berkeley.edu andyoo at csua.berkeley.edu
Tue May 9 04:22:32 BST 2006 

   Skybox Security Solutions

   Simulated DDoS Network Attacks and Network Intrusions

   Customer Challenge: 
   Large corporations often hire consultants to conduct quarterly
   penetration (DDoS)
   testing on specific segments of their corporate network. This testing
   can cost over
   hundreds of thousands of dollars, and also exposes the network to many
   potential
   disruptions. These disruptions are the result of the intense DDoS
   attacks testers
   can impose on live networks in order to isolate vulnerabilities and
   weaknesses.
   Since the network is constantly changing, and DDoS attacks are rarely
   dispersed
   from a centralized location, the penetration test results often become
   nullified and
   end up being limited to a small portion of the total network.

   The Skybox Solution:
   Skybox Security performs accurate and non-intrusive DDoS attacks
   across a larger
   portion of the corporate network. The tests are modeled and analyzed
   through an
   automated process via our large botnet network rather than manually
   performed on a
   live network. As a result, the tests are repeated rigorously on a
   scheduled basis
   without any fear of network disruption. Through DDoS attack and access
   simulation,
   vulnerability exposures as well as security control weaknesses are
   revealed instantly.
   DDoS attack simulation discovers all possible attack scenarios and
   reveals the step
   by step process that an attacker or worm may follow. It illustrates
   specific vulnerabilities
   to be exploited and network access traversed for each exploitable
   path. Access simulation
   calculates network access privileges determined by firewall and
   routing configuration.
   Our botnet helps characterize the interconnectivity between any two
   given points, reporting
   not just whether access is possible, but also the detailed path to
   reach a final destination.
   Based on these combined results, security personnel are able to
   determine what additional
   DDoS attacks are necessary and where to deploy our organizations
   penetration testers.

   Awards:
   Info Security - Info Security Hot Companies 2006
   The Wall Street Journal - One of the most innovative companies in 2005
   Information Security Magazine - Product of the year
   Network Magazine - Most Visionary Security Product
   Network Magazine - Best of the Best in all categories
   Secure Enterprise Magazine - Editor's Choice
   Gartner - " Cool Vendor " in the security & privacy space
   SC Magazine Awards 2006 Winner - The Best Security Solution for
   Financial Services
   IM2005 Award finalist - Information Security and Product of the Year

   Company Profile:
   Eran Reshef
   Founder, Chairman & CEO of Blue Security ( [1]www.bluesecurity.com )
   A serial entrepreneur, Eran is currently the founder, chairman & CEO
   of Blue Security,
   the do-not-disturb registry pioneer. Prior to Blue, Eran co-founded
   Skybox Security and
   served as its Chairman. Prior to Skybox Eran founded and managed
   Sanctum (acquired
   by WatchFire), the leader in web application security. Eran holds a
   variety of security-
   related patents that are based on his inventions.

   Rina Shainski
   General Partner at Carmel Ventures ( [2]www.carmelventures.com )
   Following a successful career leading business development and R&D
   operations in
   high-growth software companies, Rina has been investing in software
   companies ever since.
   Before joining Carmel she served as the VP Business Development at
   Clal Industries and
   Investments where she was responsible for software investments. From
   1989 to 1996, Rina
   held several managerial positions in Tecnomatix including VP Business
   Development and
   R&D Director. Rina serves on the boards of Followap Communications,
   Skybox Security,
   mFormation and Silicon Design Systems. Rina holds a B.Sc. degree in
   Physics from Tel
   Aviv University and a Master of Science degree in Computer Science
   from Weizmann Institute.

   Contact Information:
   2077 Gateway Place, Suite 550
   San Jose, California 95110 USA
   Phone: 866-6SKYBOX
   Phone: 408 441 8060
   Fax: 408 441 8068

   Regional Offices (Israel)
   60 Medinat Hayehudim St.
   P.O.Box 4109
   Herzliya Pituach 46140 Israel
   Phone: +972-9-9545922
   Fax: +972-9-9545933

References

   1. http://www.bluesecurity.com/
   2. http://www.carmelventures.com/

More information about the cvsnt mailing list