Advanced security testing software for Product Developers, Vendors, Critical National Infrastructure (CNI) companies and Government.
ProtoCrawler can be used for discovering previously unknown security vulnerabilities in OT and IT systems and hardware. It provides businesses with confidence that their products are resilient and robust against cyber-attacks aimed at exploiting design weaknesses and flaws.
ProtoCrawler offers a comprehensive structured fuzzing capability. Fuzzing is a software-based technique used to discover unpredictable or incorrect behaviour in devices or software when sent unexpected or malformed data. Fuzzing is increasingly important for addressing requirements in cybersecurity standards, such the input validation requirements of IEC 62443 (SR 3.5, CR 3.5, SVV-3) and ETSI draft EN 303 645 (provision 5.13-1).
When used to attack IT or OT devices and systems, fuzzing uses techniques available to real-world attackers to discover vulnerabilities in products or operational systems. This sort of malformed data is typically intended to cause failures that can then be exploited, perhaps in combination with other known vulnerabilities, to break into the system.
ProtoCrawler helps generate assurance in the robustness of systems and products by fuzzing their interfaces so that vulnerabilities can be found and mitigated before they are exploited.