Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

One Stop Exploit Shop

Get this blog as an RSS Feed
As of today it will be possible for respectable security outfits and certain corporate business units to buy Secunia Binary Analyses, PoCs, and exploits on a "pay as you go" basis through our online shop.
17:08 CET on the 8th September 2008
Entry written by Thomas Kristensen.

As of today it will be possible for respectable security outfits and certain corporate business units to buy Secunia Binary Analyses, PoCs, and exploits on a "pay as you go" basis through our online shop.

The purpose of the Binary Analysis Service is solely defensive in nature. The goal is to provide much better and more reliable intelligence for the security vendors creating rules and signatures for their anti-virus (AV) and intrusion detection / prevention systems (IDS / IPS), as well as the few corporate and national entities, who have the technical capacity to create additional custom made rules in-house for their IDS / IPS.

All the security vendors and other companies, who are approved, will get access to buy the Binary Analyses on a "pay as you go" basis or as an annual subscription, which gives unlimited access to the historical analyses and approx. 200 new analyses per year.

During the past 2 years we have serviced a few selected AV and IDS / IPS vendors with this in-depth intelligence, however, we have also realised that far too many of the other AV and IDS / IPS vendors - including the major ones - fail to detect many attacks utilising critical vulnerabilities simply because they too often create payload based signatures rather than vulnerability based signatures.

We hope that we can help the security vendors provide the security their customers expect by giving flexible access to our vast analyses repository, which essentially allows the vendors to pick the analyses they have not yet completed in-house or even "out source" most of the analysis work to Secunia by purchasing a full subscription.

The Binary Analysis service also provides significant extra value to our other services due to the additional information uncovered through this in-depth analysis. Quite often Secunia finds that patches are inadequate, that something is more or less severe than initially stated by the vendor or researcher, or that other vectors exists. The corresponding Secunia Advisories are then updated with the additional information to ensure that our customers and the community have sufficient information to properly assess the risk of a given vulnerability.

Secunia will occasionally publish selected Binary Analyses on the Sample Analysis page.
http://secunia.com/binary_analysis/sample_analysis/

We hope that the new "accessibility" to our in-depth analysis will encourage more vendors to acquire the intelligence they need to provide proper rules and signatures for their products.

Stay Secure,

Thomas Kristensen
CTO

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: One Stop Exploit Shop
 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer