Only 25% of mergers or acquisitions produce value, claims Philippe Eyries, CEO at Paris Bourse-listed software testing vendor, Cyrano Solution. After spending $1 million buying, and then just three months assimilating, Fidji, a small Paris-based development group, his company has acted quickly to commercialize the technology it acquired in March 1999 in a bid to try and ensure this acquisition fits into the 25% bracket. Cyrano says the new network security testing product is set to hit the market at the end of this month.
That said, Network Security Testing Plus (NST+), as the new suite is known, will not immediately add a large revenue boost to Cyrano’s sales stream as there is still little call for such a product at the moment. In most cases network security testing is simply not being done, concedes Philippe Jumelle who, as technical director with Fidji and now security consultant to Cyrano, was responsible for conceiving and developing the NST+ product line. But, over time, the product could well help extend Cyrano’s reach out of its software testing backwater and into the e-commerce mainstream.
NST+ is said to be able to detect potential weak spots in organizations’ networks, firewalls, systems and databases to help safeguard the availability of Web-enabled applications and to check the vulnerability of e-commerce operations. Not only will the product document weaknesses, Cyrano says, but it will go on to recommend detailed counter measures to rectify any possible exposure. A reference database of vulnerabilities will be continuously updated by Cyrano’s own team of hackers for access via the Web by purchasers of the NST+ product. New test scripts and patches can be easily downloaded into the NST+ engine to enable organizations to ensure that critical systems are resistant to all the latest hacking routines and viruses.
Strong system administration and the use of a firewall is mandatory, says Jumelle but they are not enough in themselves. Many firewalls are poorly or incorrectly configured and even when properly set up do not address the possibility of network exposures from internal threats. They simply act as a choke point for all traffic between internal and external networks to log as many events as possible. Once a firewall is compromised, the whole network is at risk.
The use of a network detection intrusion product is one option available to guard against this scenario occurring but Cyrano is hoping that its customers will buy NST+, which goes beyond the network to the firewall, system and database, to prevent an intrusion taking place. The company has also developed, what it considers to be, a bullet-proof testing methodology that will all but eliminate potential breach points when used in association with the NST+ product suite
Cyrano claims to be the largest European supplier of software testing tools and the third largest vendor worldwide. But its move into network security testing will extend its reach into parts of the market that are new to it. Eyries has said that the company is to become focused on the provision of products to test the availability and security of e-commerce platforms. That would set it apart from its traditional rivals such as Mercury Interactive and CompuWare who as yet do not have testing products comparable to NST+.
In fact, its nearest product rival is SAFEsuite from ISS, the market’s clear leader for vulnerability scanning and intrusion detection software. Other potential competition comes in the shape of Axent and Network Associates, who have plenty of security products but do not have testing software. The Fidji acquisition speeds up our ability to offer both, says Eyries.
The company sees itself, paradoxically perhaps, as now having what it refers to as ‘a diverse set of core competencies.’ It has products for regression and load testing, database and network security testing, through to defect tracking and impact analysis for applications management. Underpinning its portfolio, however, is Project
Commorant, a central repository currently in development that cuts through all these aspects.
