• United States
Senior Editor, Network World

Mu Security debuts with test analyzer

Apr 03, 20063 mins

Intended to run in test labs, target devices include switches, routers, servers and firewalls.

This week start-up Mu Security makes its debut with a security analyzer called the Mu-4000 that can probe and discover new vulnerabilities in a variety of IP-based network gear, including switches, routers, VoIP phones, Web servers and firewalls.

Ajit Sancheti, Mu Security’s co-founder and CEO, says the Mu-4000 is intended for a test-lab environment and runs a probe on network equipment before it’s deployed. To ferret out a the equipment’s unknown weaknesses, the probe launches attacks that simulate possible hacker actions.

“This is an engine to generate millions of unique attacks,” says Sancheti, who started the firm with CTO Kowsik Guruswamy.

The co-founders have worked together since the ’90s when Guruswamy was chief architect and Sancheti was director of product management at OneSecure.

OneSecure, a maker of intrusion-detection systems, was acquired by NetScreen, which in turn was acquired by Juniper. Sancheti says he and Guruswamy decided to start Mu Security on the premise that there’s a need for better tools to discover vulnerabilities in equipment.

The Mu-4000 process manipulates various protocols, including Border Gateway Protocol, VoIP, Radius authentication, Lightweight Directory Access Protocol, HTTP and FTP, to examine how equipment reacts to assaults.

The Mu-4000, which starts at $30,000, is a rack-mountable appliance that includes four Gigabit Ethernet and two serial ports for access to the targeted equipment.

Most vulnerability-assessment tools analyze how software or hardware reacts to known vulnerabilities. But Mu Security’s appliance is aimed at uncovering zero-day vulnerabilities – the holes that generally aren’t known to exist.

Chris Christiansen, vice president of security products and services at IDC, expects Mu Security could have a significant impact if its tool gets widely deployed.

“There are likely to be numerous exploitable vulnerabilities in field-installed systems, including database and streaming media applications, routers, firewalls and network-attached storage, that need remediation today,” Christiansen says.

The Mu-4000 appliance has been installed at 20 customer sites, including government agencies.

Motorola late last year started using the security analyzer to look for unknown vulnerabilities that might be found in software for Motorola products ranging from network equipment to handsets.

“Mu Security is very innovative,” says Anson Chen, corporate vice president and general manager of the global software group at Motorola. “Even when a product is close to shipping, we may find something.” The Mu-4000 has assisted Motorola in developing secure programming practices.

If the security analyzer proves to be exceptionally proficient at ferreting out new vulnerabilities, the question may arise as to how Mu Security will prevent the Mu-4000 from being used as an attack tool to unearth weaknesses in products.

“It is like a loaded gun,” says Sancheti, who adds that the company is tracking every device it makes available with the goal that they be used only for the intended purpose.

PROFILE: Mu Security
Location:Sunnyvale, Calif.
Founders:Ajit Sancheti, CEO, and Kowsik Guruswamy, CTO.
When:March 2005
Funding:$4 million from Accel Partners and Benchmark Capital.
Product:Mu-4000 Security Analyzer for discovering vulnerabilities in network equipment.
Fun fact :Mu comes from the phrase Òmutating the protocols,Ó a shorthand description of how the Mu-4000 bombards the targeted equipment in a lab with hundreds of thousands of simulated attacks.