Cyrano SA, the French testing tools vendor, hopes to outflank its traditional rivals in the testing arena Rational and Mercury Interactive, by releasing security fault checking and remediation software. Its NST+ (Network Security Testing) product set includes network and firewall testing software available immediately, with database and operating system products expected in the next two to three months.
NST+ Firewall fires hacker-type attacks to test a company firewall with a probe placed behind the firewall telling the software which attacks are penetrating. The probe also identifies the software behind the firewall so that NST+ knows exactly what it is attacking. The advantage of this is that it’s not just the firewall that is being scrutinized. It’s the computing protected by the firewall, the web and mail servers on which businesses depend, that are being checked for security failures as well.
The company claims an advantage over the security tools vendors in that it offers a range of testing tools such as Impact and Workbench, used for testing scalability and performance, putting firms’ security needs in the context of the whole business. Together, Cyrano argues, the testing and security tools check whether networks will work as they were designed, not whether individual security tools function independently.
NST+ has a range of reports from its corporate network analyses, to make it easier for unskilled users to work out where the faults are. The software also contains ‘security workflow,’ a template suggesting which processes to follow when something goes wrong. It will include any updates to Cyrano’s library of hacking techniques, free to users. NST+ runs on Windows NT, but can test networks on any platform.
