• Products
  • PCI ASV Services
  • Software Testing - beSTORM
    • Overview
    • Features
    • Whitepaper
    • FAQs
    • Testimonials
    • Free Trial
    • Certify Your App
    • Current Version
    • Simple Web Server
  • Network Testing - AVDS
    • Overview
    • Reports
    • Free Trial
    • AVDS White Paper
    • Testimonials
    • Case Studies
    • Active Network Scanning
    • Custom Web Server Testing
    • FAQs
    • MSP Services
    • Management Server Version
    • LSS and SAS Versions
  • Web Site Testing - WSSA
    • Overview
    • Features
    • FAQs
    • Case Studies
    • Prices
    • MSP Services
    • Sample Report
    • Compare to Hacker Safe
    • WSSA Security Seal
    • Why Scan My Site?
    • The Technology
  • MSP Services
• Learning Center
  • PCI Compliance FAQs
  • VA/VM White Paper
  • The Secret of Scanning Accuracy
  • MSP Services
  • About SQL Injection
  • QA: Fuzzing Buffer Overflows
  • Web Security & Web Scanning
  • Malware Defense Strategies
  • Patching Network Vulnerabilities
  • Network VA-VM Case Studies
  • Finding Weaknesses During Dev.
  • Web Site Audit Case Studies
  • Web Site Security ROI
  • Fuzzing and Microsoft SDL
• Free Trials
  • Vulnerability Scanner Eval
  • Software Testing Download
  • Website Scanner Free Trial
  • MSP Platform Free Demo
• About
  • Company Overview
  • Management Team
  • Careers
  • Press
    • Press Releases
    • Success Stories
    • beSTORM Press Kit
    • Testimonials
    • Customers
• Partners
  • Marketing Partners
  • Technology Partners
  • MSP and MSSP Services
  • Distributors
  • System Integrator
• Contact

beSTORM Certification Process

You can now reliably certify almost any network hardware or software for compliance to the industry standard RFCs, common implementation practices and interoperability with other products and environments, all while checking it for known and unknown security holes.

The certification is done by beSTORM's patented fuzzing engine which can test your product for known vulnerabilities and their variants as well as unknown vulnerabilities that are specific to your platform, product or even setup.

How can I certify my product?

Download beSTORM, configure your product to work in a production-like configuration and launch beSTORM against it.

As soon as beSTORM completes its run you will receive a report indicating whether your product has passed the required certification requirements or whether it has failed any of them.

Running a full beSTORM session will launch several millions of different attack scenarios against your product and enable you to certify that it's ready for the real world and safe from any security weaknesses such as buffer overflows and format string vulnerabilities.

Many of beSTORM's standard protocol modules include both the RFC specifications and proprietary implementations. One example is the FTP protocol module.

Can beSTORM test proprietary protocols?

beSTORM has a unique feature that allows it to auto-learn any network protocol by analyzing sample data and determining the protocol description.

File Transfer Protocol (FTP)

beSTORM is able to test both the server side and client side of the FTP protocol, with strong emphasis on support for the following RFCs: RFC 959, RFC 949, RFC 1639, RFC 2228, RFC 2389, RFC 2428 and RFC 2640. These RFCs include the specification from the most basic FTP commands USER and PASS, up to the more complex PBSZ and AUTH directives.

beSTORM can verify that an FTP server or an FTP client would not fail to work in production or even hostile environments without falling to an attacker exploiting a buffer overflow or a format string vulnerability to gain unauthorized access or crash the device remotely.

Whitepaper - FAQ - Contact us for a quote - Request Trial

---

---