Press Release
Stonesoft introduces New Anti-Evasion Readiness Test Tool and Service
Recent severe security breaches highlight the importance of network security
Helsinki, Finland – 1 June, 2011 – Stonesoft today announced the
debut of the world’s first Anti-Evasion Readiness Test™ service. This service tests how well an
organization’s critical digital assets are protected against advanced evasion techniques (AETs).
The service will be provided by selected, independent IT service organizations around the
world.
The Anti-Evasion Readiness Test service leverages the StoneGate evasion testing software
developed by Stonesoft Labs to test, assess and report security devices’ capabilities to protect
against advanced evasion techniques (AETs). AETs are a means to disguise and/or to modify network
attacks to avoid detection and blocking by the network security systems. In practice, evasions
enable advanced cyber criminals to deliver any malicious content, exploits or attacks to a
vulnerable system without leaving a trace. Based on latest knowledge and research, AETs can bypass
the majority of the existing security devices.
The service has been developed to meet the needs of organizations relying on network security
devices like Next Generation Firewalls and Intrusion Prevention Systems with deep packet
inspection. These devices protect mission critical computer networks, sensitive data assets,
critical systems such as CRM and ERP, and SCADA networks. These systems are attractive targets for
cyber criminals and AETs offer an effective way of executing successful attacks. For many
organizations, securing these areas is crucial for meeting compliance and audit requirements.
“The recent security breaches highlight the growing importance of network security. The
first step to mitigating risks is to improve your understanding and awareness about the level of
existing network security. The worst thing is to have a false perception of being safe or being
dependent on vendor claims only. The Anti-Evasion Readiness Test Service provides organizations
with an independent, realistic and definitive answer to the question of how well their network
security devices protect against advanced evasion techniques,” said
Klaus Majewski, Director of Business Development at
Stonesoft Corporation.
The Anti-Evasion Readiness Test service will be offered by vendor independent, qualified IT
service providers around the world. The availability of the service is expected to spread fast as
major providers take it as part of their portfolio.
“There is a strong demand from our customers for this kind of a service. Today, there are a
lot of claims and hearsay around the threat posed by evasions, and customers need clear facts.
Understanding how effective or ineffective an organization’s security devices are against AETs is
an important part of IT risk management. The service is a valuable component of security audits,
the product evaluation process or the re-configuration of current devices to add AET protection.
The test service will help organizations optimize their security strategy”, adds Majewski.
The StoneGate evasion testing tool is the most comprehensive evasion testing software on the
market today, including also the most recent evasion techniques discovered by Stonesoft, which have
been reported to the vendor community through the CERT coordination process. What distinguishes the
Anti-Evasion Readiness Test service from the existing lab and vendor device testing methods is that
the tests are conducted using the organizations’ own security devices and configurations as they
are running in production environment.
As an end result of the service, customers will get a comprehensive test report about evasion
detection and block rates on different protocol levels. The test report also includes practical
recommendations and risk mitigation advice. The test does not require any in house expertise or
investments in the testing tools.
Read more about the Anti-Evasion Readiness Test service at
www.stonesoft.com
and
www.antievasion.com.
Contact:
For more information, please contact:Klaus Majewski
Director, Business Development
Stonesoft Corporation
Tel. +358 40 824 7908
Email: klaus.majewski(AT)stonesoft.com
About Stonesoft
Stonesoft Corporation (NASDAQ OMX: SFT1V) is an innovative provider of integrated
network security solutions to secure the information flow of distributed organizations. Stonesoft
customers include enterprises with growing business needs requiring advanced network security and
always-on business connectivity.
StoneGate™ Secure Connectivity Solution unifies firewall, VPN (Virtual Private Network), IPS (Intrusion Prevention System) and SSL VPN blending network security, end-to-end availability and award-winning load balancing into a unified and centrally managed system. The key benefits of StoneGate the solution include low TCO (Total Cost of Ownership), excellent price-performance ratio and high ROI (Return on Investment). The StoneGate Virtual Security Solutions protect the network and ensure business continuity in both virtual and physical network environments.
StoneGate Management Center provides unified management for StoneGate Firewall with VPN, IPS and SSL VPN. StoneGate Firewall and IPS work together to provide intelligent defense all over the enterprise network while StoneGate SSL VPN provides enhanced security for mobile and remote use.
Founded in 1990, Stonesoft Corporation is a global company with corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com, www.antievasion.com and the corporate blog http://stoneblog.stonesoft.com.
Wednesday, June 1, 2011
