WIXLIB

DefensicsFuzz TestingImprove softwarerobustness, ensuresystems interoperability,and identifyvulnerabilities, whetheryou’re procuringsoftware for businessoperations or building it.OverviewDefensics fuzz testing is a comprehensive, powerful, and automated black boxsolution that enables organizations to effectively and efficiently discover and remediatesecurity weaknesses in software. By taking a systematic and intelligent approach tonegative testing, Defensics allows organizations to ensure software security withoutcompromising on product innovation, increasing time to market, or inflating operationalcosts.Defensics’ logical user interface walks users through each step of the process, makingadvanced fuzz testing easy.Key featuresIntelligent fuzzing engineThe Defensics engine is programmed with knowledge on input type, whether it’s aninterface, protocol, or file format. Because the engine has a deep understanding ofthe rules that govern communication within the input type, it can deliver targetedtest cases that exploit that input type’s inherent security weaknesses. This intelligentand systematic approach to fuzz testing allows you to reduce testing time withoutcompromising cost or security. synopsys.com 1

A comprehensive fuzzing solutionOur 300 prebuilt, generational test suites ensure quick time to fuzz and relieve you of theburden of creating manual tests. We continuously update our test suites for new inputtypes, specifications, and RFCs. Customize any of our test suites by fine-tuning the message sequence. The datasequence editor allows you to cover corner cases not within Defensics’ predefined scope. Need added extensibility? Use our template fuzzers. Universal Data Fuzzer is a file formattemplate fuzzer, and SDK Express helps generate test cases by reverse engineeringsample files you provide. Have proprietary or custom input types? Write your own test suites with DefensicsSDK, which supports Java and selected transport layers and comes equipped withinstrumentations. Speed up testing with FuzzBox support. It’s now easy to fuzz wireless LAN and IoTprotocols, with test runs directly on custom hardware.Defensics reports contain messagesequence logs to help users identify theroot cause of an anomalous reaction.Fits into most development life cyclesDefensics contains workflows that enable it to fit almost any environment from atechnological and process standpoint. Whether you employ a traditional SDL or a CIdevelopment life cycle, Defensics brings fuzz testing into development early, allowingyou to catch and remediate vulnerabilities more cost-effectively. Got an unconventionaldevelopment life cycle? Our experienced Professional Services team can help you identifyfuzz testing checkpoints, define fuzz testing metrics, and establish a fuzz testing maturityprogram.It’s not just about fitting into the development process; it’s also about working withsurrounding technologies. API and data export capabilities allow Defensics to share data foradditional reporting and analysis, making Defensics a true plug-and-play fuzzer.Detailed, data-rich reports for efficient remediation Contextualized logs. Remediation logs detail the protocol path and message sequencesbetween Defensics and the system under test (SUT) to help you identify the trigger andtechnical impact of each vulnerability.Defensics offers automated capabilitiesthroughout the testing process, such asDevice Explorer, to relieve users of theburden of manual configuration. Vulnerability mapping. Defensics maps each vulnerability to industry standards such asCWE and injection type to enhance information discovery and expedite remediation. Issue re-creation. Defensics narrows the vulnerability trigger to a single test case so youcan re-create the issue and verify the fix. Remediation packages. Generate encrypted remediation packages for your softwaresuppliers to facilitate secure, collaborative remediation across the supply chain.Scale fuzz testing with automationFrom scanning for the test target to determining the number of layers to connect to,Defensics offers a rich set of APIs for flexible, scalable automation to meet all your needs: Test single devices Set up repeatable automation to ensure test plans are followed every time Reduce testing times with the latest in scalable virtualization synopsys.com 2

Defensics Fuzz Testing Test Suite CatalogAuthentication, Authorization, andAccounting (AAA) Application Diameter Client/ServerEAPOL ServerKerberos ServerLDAPv3 Client/ServerRADIUS Client/ServerTACACS Client/ServerMACsec ServerFIXJSON FormatWeb ApplicationWebSocket Client/ServerXML SOAP Client/ServerXML FileXMPP ServerAMQP ServerWAMP ServerOWAMP ServerTWAMP ServerAutomotive CAN BusCAN FDDoIP ServergPTP ServerSOME/IPSRP ServerCellular Core BICC/M3UAGREGTP PrimeGTPv0PMIPv6 Client/ServerSCTP Client/ServerSMPPSMS (SMPP injection)SMS (file injection)MAPBSSAPBSSAP CAPINAPISUPMTP3 / M2UA M2PATCAP / SCCP / M3UASBI Client/ServerCore IP DHCP/BOOTP Client/Server DHCPv6 Client/Server DNS Client/Server FTP Client/ServerHTTP Client/ServerHTTP/2 Client/ServerICAP ServerIPv4 Package– ARP Client/Server– ICMP– IGMP– IPv4– TCP for IPv4 Client/ServerIPv6 Package– ICMPv6– IPv6– TCP for IPv6 Client/ServerSOCKS Client/ServerMulticast DNSPPP over L2TP ClientPPPoEEmail IMAP4 Client/ServerMIMEPOP3 ServerSMTP Client/ServerGeneral Purpose SDK Express Universal ASN.1 BER Universal FuzzerICS 60870-5-104 (iec104) Client/Server61850/Goose/SV61850/MMS Client/ServerBACNETCIP ServerCOAP ServerDNP3 Client/ServerMQTT Client/ServerModbus MasterModbus PLCOPC UA ServerProfinet DCPProfinet PTCP Client/ServerDLMS/COSEM Client/ServerISASecure Testing SolutionLink Management LACP (802.3ad) STP/RSTP/MSTP/ESTPMedia Archives Package– GZIP– JAR– ZIP Audio Package– MP3– MPEG4 (M4A/MP4)– OGG– WAV– Windows Media (WMA/WMV) Images Package– GIF– JPEG– PNG– TIFF Video Package– H.264 File Suite– H.264 RTP Format– MPEG2-TS– MPEG4 (M4A/MP4)– OGG– Windows Media (WMA/WMV)Medical DICOM Server HL7v2 ServerMetro Ethernet BFDCFM (802.1ag, Y.1731)E-LMI (MEF-16)Ethernet (802.3, 802.1Q)GARP (802.1D)LLDP (802.1AB)OAM (802.3ah)PBB-TE ServerSynchronous Ethernet (ESMC)Public Key Infrastructure (PKI) CMPv2 Client/Server CSRRemote Management CWMP (TR-69) ACSCWMP (TR-69) CPEIPMI ServerNETCONFPCP ServerSNMP trapSNMPv2c ServerSNMPv3 ServerSSHv1 ServerSSHv2 ServerSyslogTFTP ServerTelnet Server synopsys.com 3

Routing BGP4 Client/ServerIS-ISLDPMPLS ServerMSDPOSPFv2OSPFv3Openflow controllerOpenflow switchPIM-SM/DMRIPRIPngRSVPTRILL ServerVRRPCOPS Client/ServerStorage CIFS/SMB ServerDCE/RPC ServerNFSv3 ServerNFSv4.0 / 4.1 ServerNetbios ServerDNNGSMBv2 Client/ServerMPSMBv3 Client/ServerSunRPC ServeriSCSI Client/ServerTime Synchronization IEEE1588 PTP Client/Server NTP Client/ServerUniversal Plug and Play UPnP Package– UPnP Multicast Eventing– UPnP SOAP– UPnP SSDP Control Point– UPnP SSDP DeviceVoIP H.323 Client/ServerH.284 GW Binary/TextH.284 MGC Binary/TextMGCP ServerMSRP ServerRTP/RTCP/SRTPRTSP Client/ServerSIP UACSIP UAS ( TT)SIP-I ServerSTUN Client/ServerTURN Client/ServerSigComp ServerVPN DTLS Client/ServerIKEv2 Client/ServerIPSecISAKMP/IKEv1 Client/ServerL2TPv2/v3 Client/ServerOCSP Client/ServerSCEPSSTPTTLS/SSL Client/ServerX.509v3 CertificatesVXLANWireless Zigbee Package– FuzzBox Zigbee APS– FuzzBox Zigbee MAC– FuzzBox Zigbee NWK Thread package– FuzzBox Thread 6LoWPAN– FuzzBox Thread MAC Bluetooth LE Package– ATT Client/Server– Advertisement– HOGP Host– Health– L2CAP Server– LL Peripheral– Profiles– SMP Client/Server Bluetooth Package– A2DP– AVRCP– BNEP– HFP AG/Unit– HSP AG/Unit– L2CAP– MAP Client– OBEX-Server– PBAP Client– RFCOMM– SDP Wi-Fi AP Package– 802.11 WLAN AP– 802.11 WPA AP– 802.11 WPA3 AP Wi-Fi Client Package– 802.11 WLAN Client– 802.11 WPA Client– 802.11 WPA3 Client5G technology GTPv2-C Client/ServerS1AP/NAS Client/ServerGTPv1 Client/ServerE1AP Client/ServerNGAP/NAS Client/ServerX2AP Client/ServerXnAP Client/Server PFCP Client/Server F1AP Client/ServerMonitoring and enginecapabilitiesInstrumentation Valid caseSyslogAgentSNMPCustom scripting at each testingexecutionSafeGuard checkers AmplificationAuthentication bypassBlind LDAP injectionBlind SQL injectionCertificate validationCompressed signer’s name in RRSIGrecordCross-site request forgeryCross-site scriptingECDH Public Key validationExtra cookie compared to valid caseHeartbleedInformation leakageInsufficient randomnessLDAP injection in responseMalformed HTTPRemote executionSQL injection in responseSMP insecure pairing parametersUnexpected dataUnprotected credentialsWeak cryptographyAnomaly categories ASN.1/BER anomaliesCredential anomaliesDeep packet inspectionEICAR antivirus test fileGTUBE (generic test for unsolicited bulkemail)Control plane injection anomaliesInteger anomaliesNetwork address anomaliesOverflow anomaliesUnderflow anomaliesNote: We add test suites frequently. Pleasecontact us for the latest list. synopsys.com 4

The Synopsys differenceSynopsys helps development teams build secure, high-quality software, minimizing risks whilemaximizing speed and productivity. Synopsys, a recognized leader in application security,provides static analysis, software composition analysis, and dynamic analysis solutions thatenable teams to quickly find and fix vulnerabilities and defects in proprietary code, open sourcecomponents, and application behavior. With a combination of industry-leading tools, services,and expertise, only Synopsys helps organizations optimize security and quality in DevSecOpsand throughout the software development life cycle.For more information, go to www.synopsys.com/software.Synopsys, Inc.185 Berry Street, Suite 6500San Francisco, CA 94107 USAContact us:U.S. Sales: 800.873.8193International Sales: 1 415.321.5237Email: sig-info@synopsys.com 2022 Synopsys, Inc. All rights reserved. Synopsys is a trademark of Synopsys, Inc. in the United States and other countries. A list of Synopsys trademarks is available atwww.synopsys.com/copyright.html . All other names mentioned herein are trademarks or registered trademarks of their respective owners. June 2022 synopsys.com 5

DNP3 Client/Server MQTT Client/Server Modbus Master Modbus PLC OPC UA Server Profinet DCP Profinet PTCP Client/Server DLMS/COSEM Client/Server ISASecure Testing Solution Link Management LACP (802.3ad) STP/RSTP/MSTP/ESTP Media Archives Package - GZIP - JAR - ZIP Audio Package - MP3 .