Tsunami (software for search of vulnerabilities)

2020: Disclosure of source codes

In the middle of July, 2020 Google opened source codes of the tool for search of vulnerabilities in software. According to developers, Tsunami is a scalable network scanner for detection of vulnerabilities of high degree of danger with the minimum quantity of false operations.

The Tsunami scanner is already actively used in the company Google and is available on GitHub. Though hundreds of other commercial scanners including open source, only Tsunami is intended for enormous corporations are presented at the market. This category includes the companies which manage the networks including hundreds of thousands of servers, workstations, network equipment and IoT devices connected to the Internet.

Google opened source codes of the tool for search of vulnerabilities in software

According to Google, Tsunami should adapt to these extremely diverse and large networks and does not require start of different scanners for each type of devices. A principal component of Tsunami is the scanner or the module of investigation. He scans network of the company on existence of open ports, and then estimates each of them on existence of vulnerabilities. The second component more difficult also works at a basis of the received results. It receives the list of vulnerabilities for testing and starts safe exploits for stability check.

The vulnerability check module also allows to expand possibilities of Tsunami using plug-ins - means using which groups of security can add information on new vectors of the attacks and vulnerabilities to a system. Among other things using plug-ins the scanner checks open sensitive user interfaces and credentials with weak protection. Google intends to continue development of Tsunami, paying special attention to decrease in false positive operations as in the conditions of the large companies they can lead to very serious effects.^[1][2]

Notes