
		Overview Test Suite Highlights Analysis Modules Mu Studio Denial of Service Analysis Service Level Traffic Variations - Protocol Fuzzing & Analysis Published Vulnerability Attacks Module Product Demos Protocol Coverage

	Download the Mu Test Suite Solution Brief



	Read the Application Notes



	Mu Advisories



	View the Mu Product Demonstrations

Join Our Mailing List



Want to know what's new @ Mu? Enter your email address to receive Mu Dynamics news.

"The reactive spending on perimeter security or managed services has not been effective as network downtime and vulnerabilities continue to grow. That's why Mu Dynamics' Test Suite is becoming indispensable to users who are methodically identifying the root causes of robustness shortcomings or deep-seated vulnerabilities in any IP-based product or service. "

Mike Monticello
Analyst
Enterprise Management Associates

| Mu Line | Mu Labs

Published Vulnerability Attacks Module

Mu’s Published Vulnerability Attacks (PVA) Module within the Mu Test Suite is a subscription update service that offers a continuously growing list of established vulnerability triggers (well over 1,200 today, increasing on average by about 500 per year). The PVA subscription mirrors the latest real-world attacks found in the wild on the Internet. Mu’s PVA module is augmented on a bi-weekly basis, with the oldest vulnerabilities dating from 2002.

The PVA module applies repeatable metrics to verify the proper operation of any inline signature-based security enforcement device, including Intrusion Prevention Systems (IPS), content-aware security gateways, deep-inspection firewalls and Unified Threat Management (UTM) systems.

The Mu Test Suite uses the PVA and its platform feature set to perform automated audits on a pass-through device to validate that vulnerability triggers are blocked. The individual vulnerability triggers within the PVA module are delivered over IPv4 or IPv6, as well as up to 12 different kinds of evasion techniques for IPv4, or 5 for IPv6), resulting in well over 40,000 unique test cases.

PVA Tech Demo 1

PVA Tech Demo 2

Mu uses the underlying vulnerability trigger pattern (such as a buffer overflow sequence) to cause the vulnerability itself to be triggered, rather than simply ‘replaying’ the traffic associated with a particular exploit payload in its entirety. This approach, coupled with various evasion techniques validates the signature-based product’s ability to detect and block root causes instead of symptoms.

Users of the Mu Test Suite's PVA module demonstrate for themselves whether a given signature in a networked product device is actually effective at detecting or blocking specific undesirable traffic, per its claims. PVA module use also enables customers to become aware of the existence of any traffic that is not blocked by the product or service under analysis, e.g., brand new vulnerabilities for which no signature is yet available.

Adaptive Analysis

The Mu solution separates the unexpected service level traffic variations it generates from the channel over which it is delivered in a technology known as Adaptive Analysis. Adaptive Analysis allows the Mu Test Suite to seamlessly deliver its traffic over any valid transport and authentication methods supported by the service.

Related Collateral


	Products \| Solutions \| Resources \| Support \| News & Events \| Company \| Labs \| Contact \| Home


Mu Improves the Robustness of VoIP, IMS and IPTV NGN Services. © 2009 Mu Dynamics. Legal \| Privacy \| Site Map \| Site Users Guide