Mu Security debuts with test analyzer

This week start-up Mu Security makes its debut with a security analyzer called the Mu-4000 that can probe and discover new vulnerabilities in a variety of IP-based network gear, including switches, routers, VoIP phones, Web servers and firewalls.

Ajit Sancheti, Mu Security’s co-founder and CEO, says the Mu-4000 is intended for a test-lab environment and runs a probe on network equipment before it’s deployed. To ferret out a the equipment’s unknown weaknesses, the probe launches attacks that simulate possible hacker actions.

“This is an engine to generate millions of unique attacks,” says Sancheti, who started the firm with CTO Kowsik Guruswamy.

The co-founders have worked together since the ’90s when Guruswamy was chief architect and Sancheti was director of product management at OneSecure.

OneSecure, a maker of intrusion-detection systems, was acquired by NetScreen, which in turn was acquired by Juniper. Sancheti says he and Guruswamy decided to start Mu Security on the premise that there’s a need for better tools to discover vulnerabilities in equipment.

The Mu-4000 process manipulates various protocols, including Border Gateway Protocol, VoIP, Radius authentication, Lightweight Directory Access Protocol, HTTP and FTP, to examine how equipment reacts to assaults.

The Mu-4000, which starts at $30,000, is a rack-mountable appliance that includes four Gigabit Ethernet and two serial ports for access to the targeted equipment.

Most vulnerability-assessment tools analyze how software or hardware reacts to known vulnerabilities. But Mu Security’s appliance is aimed at uncovering zero-day vulnerabilities – the holes that generally aren’t known to exist.

Chris Christiansen, vice president of security products and services at IDC, expects Mu Security could have a significant impact if its tool gets widely deployed.

“There are likely to be numerous exploitable vulnerabilities in field-installed systems, including database and streaming media applications, routers, firewalls and network-attached storage, that need remediation today,” Christiansen says.

The Mu-4000 appliance has been installed at 20 customer sites, including government agencies.

Motorola late last year started using the security analyzer to look for unknown vulnerabilities that might be found in software for Motorola products ranging from network equipment to handsets.

“Mu Security is very innovative,” says Anson Chen, corporate vice president and general manager of the global software group at Motorola. “Even when a product is close to shipping, we may find something.” The Mu-4000 has assisted Motorola in developing secure programming practices.

If the security analyzer proves to be exceptionally proficient at ferreting out new vulnerabilities, the question may arise as to how Mu Security will prevent the Mu-4000 from being used as an attack tool to unearth weaknesses in products.

“It is like a loaded gun,” says Sancheti, who adds that the company is tracking every device it makes available with the goal that they be used only for the intended purpose.