That you've never heard of a tool quite like (or maybe anything like) Hailstorm Protocol Modeler is a testament to its uniqueness. From a business standpoint, that's both a strength and a weakness. On one hand, Cenzic has no commercial competition to contend with. But existing in a vacuum makes the product somewhat of a black sheep. The security tools market is already crowded, creating some stiff competition for security analysts' mind share. To help you put Protocol Modeler in perspective, here's a look at some security tools with relevant similarities.
Vulnerability-Assessment Scanners: VA scanners run through databases of known attack types, probing a host or network device for known security vulnerabilities. When a new vulnerability is discovered--for example, Microsoft IIS is found to be susceptible to some new type of script disclosure--a check is developed and added to the list of signatures. Each is run in turn on the targeted host, perhaps after being narrowed down by host-type identification ("only run the IIS checks on IIS servers, not on Apache").
As with signature-driven anti-virus software, VA protects you only against known attacks. Protocol Modeler doesn't offer conventional VA services but rather enables the user to proactively probe an application for unknown but suspected security vulnerabilities. This bug hunting is more time-consuming and technically demanding than running a VA scanner. Because these activities have different goals--identifying known vulnerabilities versus finding undiscovered flaws--comparing them is useful only to distinguish the two types of tools.
Examples of VA tools include Internet Security Systems' Internet Scanner and Nessus.
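To make the signature-driven model concrete, here is an added illustration (not code from Cenzic, ISS or the Nessus project): a toy VA loop that fingerprints each host from its banner and then runs only the checks whose signature applies to that host type. The hosts, banners, paths and check names are constructed for the example and do not correspond to real vulnerabilities.

```python
"""Toy signature-driven vulnerability-assessment loop (added example).
Fingerprint the host type first, then run each applicable signature in turn.
All host data and check names below are constructed, not real findings."""
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed "scan targets": what a banner grab and a path probe would have
# returned.  These are made-up responses, not real fingerprints.
HOSTS: Dict[str, dict] = {
    "10.0.0.5": {"banner": "Server: Microsoft-IIS/5.0",
                 "paths": {"/scripts/", "/printers/"}},
    "10.0.0.6": {"banner": "Server: Apache/1.3.27 (Unix)",
                 "paths": {"/cgi-bin/", "/manual/"}},
}


def fingerprint(banner: str) -> str:
    """Host-type identification from the HTTP Server header."""
    b = banner.lower()
    if "microsoft-iis" in b:
        return "iis"
    if "apache" in b:
        return "apache"
    return "unknown"


@dataclass
class Signature:
    name: str
    applies_to: str                    # host type the check is narrowed to; "*" = all
    check: Callable[[dict], bool]      # True means the condition was observed


# Hypothetical checks: each looks for an observable condition in the
# constructed host data.  They illustrate the dispatch, not real IIS/Apache bugs.
SIGNATURES: List[Signature] = [
    Signature("iis-scripts-virtual-dir-present", "iis",
              lambda h: "/scripts/" in h["paths"]),
    Signature("iis-printers-virtual-dir-present", "iis",
              lambda h: "/printers/" in h["paths"]),
    Signature("apache-manual-dir-present", "apache",
              lambda h: "/manual/" in h["paths"]),
    Signature("server-version-disclosed-in-banner", "*",
              lambda h: "/" in h["banner"]),
]


def scan(hosts: Dict[str, dict]) -> Dict[str, List[str]]:
    """Run every applicable signature against every host; return findings per host."""
    findings: Dict[str, List[str]] = {}
    for ip, host in hosts.items():
        kind = fingerprint(host["banner"])
        findings[ip] = [s.name for s in SIGNATURES
                        if s.applies_to in ("*", kind) and s.check(host)]
    return findings


if __name__ == "__main__":
    for ip, hits in scan(HOSTS).items():
        print(ip, hits)
```

The point to notice is that the Apache host is never probed with the IIS checks: the signature database grows with each newly published issue, but coverage is always bounded by what is already in that database, which is exactly the limitation the next paragraph draws out.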
Web Application Scanners: Web application scanners have properties of conventional VA scanners as well as similarities to the Protocol Modeler testing platform. Generally using a proxy-based architecture, they can crawl automatically or be driven by a user "test case" through a Web application. By watching for typical insecure Web programming practices and running checks against suspect components, the tools can discover and evaluate these vulnerabilities. Application tampering, including malicious cookie tampering and hidden value attacks, can be detected and identified by these tools. Protocol Modeler can pinpoint some of these Web application bugs, though the feature sets and strengths relative to Protocol Modeler will depend on the product in question.
Toolkits and Libraries: The final product space is largely noncommercial. Loads of open-source programming libraries, APIs and toolkits are available to help automate the process of network vulnerability testing. Using them will require deep technical knowledge of the protocols involved as well as programming and Unix expertise. These are not for the faint of heart. Fuzzers--tools that feed pathologically formed input to a program (in this context, a network-enabled application) to produce a fault--fall in this category. Security consultancy @Stake produces one such tool, called Spike. Protocol Modeler can undertake many of these tasks. In fact, the real value proposition of this product is that it provides a faster and more effective way to create many tests that would otherwise have to be assembled using these different network security toolkits.
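For a sense of what "pathologically formed input to produce a fault" looks like in practice, here is an added illustration (not Spike, and not Cenzic's code): a minimal in-process fuzz harness for a toy length-prefixed protocol, of the kind a developer would point at their own message handler before shipping it. The protocol, the deliberately sloppy handler, the boundary cases and the mutations are all constructed for this example.

```python
"""Minimal in-process protocol fuzzer (added example).
Generates malformed messages for a constructed length-prefixed protocol, feeds
them to a sloppy handler standing in for the code under test, and records which
inputs make it fault.  Everything here is constructed for illustration."""
import random
import struct
from typing import Dict, List, Tuple

# Toy wire format: 2-byte big-endian payload length, 1-byte opcode, payload.


def parse_message(data: bytes) -> Tuple[int, bytes]:
    """Handler under test.  It trusts the length field and never checks that the
    opcode or payload bytes it indexes are actually present."""
    length = struct.unpack(">H", data[:2])[0]      # struct.error if < 2 bytes
    opcode = data[2]                               # IndexError on a 2-byte message
    payload = data[3:3 + length]
    if opcode == 0x01:
        # "name" opcode: payload must be UTF-8 -> UnicodeDecodeError on junk
        return opcode, payload.decode("utf-8").encode()
    if opcode == 0x02:
        # "repeat" opcode: first payload byte is a count -> IndexError if empty
        return opcode, payload[1:] * payload[0]
    return opcode, payload


def well_formed(opcode: int, payload: bytes) -> bytes:
    """Build a valid message; used as the seed for mutation."""
    return struct.pack(">H", len(payload)) + bytes([opcode]) + payload


def mutate(msg: bytes, rng: random.Random) -> bytes:
    """One random pathological transformation of a valid message."""
    choice = rng.randrange(4)
    if choice == 0:                                 # truncate
        return msg[:rng.randrange(len(msg))]
    if choice == 1:                                 # length field lies
        return struct.pack(">H", rng.choice([0, 0xFFFF])) + msg[2:]
    if choice == 2:                                 # flip a few random bytes
        b = bytearray(msg)
        for _ in range(rng.randrange(1, 4)):
            b[rng.randrange(len(b))] ^= rng.randrange(1, 256)
        return bytes(b)
    junk = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 64)))
    return msg[:3] + junk                           # header kept, payload replaced


# Fixed boundary cases every run tries first, before random mutation.
BOUNDARY_CASES: List[bytes] = [
    b"",                                # nothing at all
    b"\x00",                            # half a length field
    b"\x00\x00",                        # length but no opcode
    well_formed(0x02, b""),             # "repeat" with an empty payload
    struct.pack(">H", 0xFFFF) + b"\x01",  # huge declared length, no payload
]


def fuzz(seed: int = 1, iterations: int = 500) -> Dict[str, List[bytes]]:
    """Feed boundary cases and mutated messages to the handler; group the inputs
    that fault by the exception type they raised."""
    rng = random.Random(seed)
    seeds = [well_formed(0x01, b"hello"),
             well_formed(0x02, b"\x03ab"),
             well_formed(0x07, b"x" * 8)]
    cases = list(BOUNDARY_CASES)
    cases += [mutate(rng.choice(seeds), rng) for _ in range(iterations)]
    faults: Dict[str, List[bytes]] = {}
    for case in cases:
        try:
            parse_message(case)
        except Exception as exc:        # a fault in the handler, not in the harness
            faults.setdefault(type(exc).__name__, []).append(case)
    return faults


if __name__ == "__main__":
    for kind, inputs in fuzz().items():
        print(f"{kind}: {len(inputs)} faulting inputs, e.g. {inputs[0]!r}")
```

Each exception type in the result is a distinct bug class in the handler (missing length check, missing opcode check, untrusted count byte), and the saved inputs are the reproducers. Real fuzzers such as the one the text mentions drive a live network service rather than an in-process function, and detect faults by watching the process or connection instead of catching exceptions, but the generate-mutate-observe loop is the same.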