Cenzic has been seeking its target customer for a long time. The problem is that the core audience, network security experts with deep technical knowledge, is quite small, and few have $25,000 to spend on a single tool. We can't help but wonder if Cenzic might generate more revenue by slashing Hailstorm's price and moving more copies. In the right hands, the program is an incredibly powerful tool. But as it stands, its accessibility is extremely limited.
So who is this product for? First, your hard-core security analysts, such as those working for a lab that tests security software and hardware. This category includes me, a writer who works for Neohapsis. One area in which Neohapsis specializes is NIDSs (network intrusion detection systems). We could use Hailstorm to automate some of the scripting involved in NIDS signature testing, for example. Crafting other specialized attacks with which to test NIDSs, including various RFC (request for comment) violations, could also prove useful.
Another potential customer base is application development organizations: in-house application development teams and companies producing end-user applications. Cenzic has started to build in tools to make Hailstorm more usable in this type of quality assurance role. For example, support for scheduling recurring tests provides a degree of automation. You can have Hailstorm, once a night, scan the latest beta build of your Web application for SQL disclosure vulnerabilities on newly added pages that accept user-supplied input.
Bottom line, Hailstorm is the artificially overpriced prescription drug of the network security testing world: efficacious when given to the right person but available only to the economically elite.