home Contact Customer Jobs
Want to know what's new @ Mu? Enter your email address to receive Mu Dynamics news.

"Mu Dynamics' is a proud member of the SANS Institute Affiliate Program and frequent participant in SANS member events and presentations.  Learn more now and get great rates on SANS Training Programs. "

SANS Affiliate Program
SANS Institute


 |   |   |   |   

Published Vulnerability Analysis

Mu’s Published Vulnerability Analysis (PVA) module within the Mu-4000 is a subscription update service that offers a continuously growing list of established vulnerabilities (well over 1,000 today, increasing on average by about 500 per year). The PVA subscription mirrors the latest real-world attacks found in the wild on the Internet.  Mu’s PVA module is augmented on a bi-weekly basis, with the oldest vulnerabilities dating from 2002.

The PVA module applies repeatable metrics to verify the proper operation of any inline signature-based network product (e.g. security enforcement systems) including Intrusion Prevention Systems (IPS), content-aware security gateways, deep-inspection firewalls and Unified Threat Management (UTM) systems.

The Mu-4000 uses the PVA and its platform feature set to perform automated audits on a pass-through device to validate that vulnerability triggers are blocked.  The individual vulnerabilities within the PVA module are delivered over IPv4 or IPv6, as well as 12 different kinds of evasion techniques, resulting in well over 25,000 unique variations.

PVA Tech Demo 1


PVA Tech Demo 2

Mu uses the underlying vulnerability trigger pattern (such as a buffer overflow sequence) to cause the vulnerability itself to be triggered, rather than simply ‘replaying’ the traffic associated with a particular exploit payload in its entirety.  This approach, coupled with various evasion techniques validates the signature-based product’s ability to detect and block root causes instead of symptoms.

Users of the Mu-4000's PVA module demonstrate for themselves whether a given signature in a networked product device is actually effective at detecting or blocking specific undesirable traffic, per its claims.  PVA module use also enables customers to become aware of the existence of any traffic that is not blocked by the product or service under analysis, e.g., brand new vulnerabilities for which no signature is yet available.

Adaptive Analysis

The Mu-4000 separates the unexpected service level traffic variations it generates from the channel over which it is delivered in a technology known as Adaptive Analysis. Adaptive Analysis allows the Mu-4000 to seamlessly deliver its traffic over any valid transport and authentication methods supported by the service.

Related Collateral


 
Products | Solutions | Resources | Support | News & Events | Company | Labs | Contact | Home