Anti-Evasion Readiness Test

2011: Start of Anti-Evasion Readiness Test service

The Stonesoft company announced in June, 2011 start of service for testing of capability of network security systems to resist to dynamic technicians of a bypass (AET — Advanced Evasion Techniques) — Anti-Evasion Readiness Test. This test, as envisioned by Stonesoft, will allow to demonstrate, crucial assets of the organizations from dynamic the technician of a bypass are how well protected.

Dynamic technicians of a bypass, or AET, are a contrivance of network attack using which it is not detected by the available system of network protection and is not blocked by it. In practice of AET give the chance to cybercriminals to deliver any harmful content or an exploit to a vulnerable information system, without leaving a mark, noted in Stonesoft. As showed researches of the company, AET can bypass the majority of the existing network security systems.

The Anti-Evasion Readiness Test service was developed for the organizations which in the work rely on such means of protecting as firewalls of new generation and an intrusion prevention system with functionality of deep inspection of traffic. Such devices usually protect crucial computer networks, confidential data, crucial information systems as, for example CRM ERP, networks SCADA. These objects also are the most attractive to cybercriminals, and dynamic technicians of a bypass provide an effective method of carrying out the attacks on them, emphasized in Stonesoft. Security of such objects is important for many organizations in terms of a compliance with law or requirements of audit.

According to developers, the service of testing Anti-Evasion Readiness Test uses software of StoneGate Evasion Testing which was developed by Stonesoft for assessment of capability of network security systems to protect crucial assets of the organizations from AET and creation of detailed reports. As a result of testing clients will receive the detailed report on the used technicians of a bypass and their blocking by means of protecting at the different levels of work of the protocol. The report on results of tests also includes practical recommendations and councils for risk reduction. The test does not require special skills or investments into testing aids.

The Anti-Evasion Readiness Test service will be provided by the independent, qualified providers of IT services worldwide. It is expected that service will gain fast distribution as prime vendors will begin to offer it as a part of the portfolio.