From Wikipedia, the free encyclopedia
Jump to: navigation, search
Codenomicon Oy
Limited company
Founded 2001
Headquarters Oulu, Finland
Area served
Products Fuzz (Robustness) Testing Tools, Situation Awareness Tools
Services Security Testing Services
Owner Private
Number of employees
Operating system Cross-platform
Type Computer security, Fuzzing, Robustness testing, Network Analysis

Codenomicon Oy is a private company founded in late 2001, and develops fuzz testing tools (also called robustness testing tools) for network equipment manufacturers, service providers, government/defense and enterprise customers. The company has raised Venture money mid-2000s and has been profitable since 2008, with more than 40% growth in sales each year.[1] In 2011, the company acquired Clarified Networks, a situation awareness company.[2]

Codenomicon is based in Oulu, Finland (Europe), and has offices in Saratoga, California, US (North America), Hong Kong (Asia/Pacific) and Singapore (Asia/Pacific).[3]

Codenomicon is also known for having T-shirts that say "GO HACK YOURSELF", which they usually have at their booth during security conferences. This comes from the goal of Codenomicon to enable testers and system administrators to find their own zero-day vulnerabilities, instead of depending on external security consultants, and special hacker skills.

Product lines[edit]


Codenomicon's flagship product is Defensics, a fuzz testing platform for locating unknown vulnerabilities in any type of software. Over 270 Defensics test suites are available for fuzzing specific network protocols and file formats.

Defensics test suites use generational fuzzing, a technique in which the test suite fully understands the protocol or file format being tested. For fuzzing network protocols or file formats for which no test suite exists, Codenomicon also offers template fuzz test suites for IP network protocols and file formats.


AppCheck is a static binary scanner for executable files and firmware images. Using proprietary technology, it performs a software composition analysis on supplied firmware or application, and identifies third-party code that was used to build the binary and provides the following information:

  • Third-party code and libraries in scanned application or firmware
  • Known vulnerabilities in detected third party code
  • Associated software licenses (AGPL, GPLv2, GPLv3, BSD,...)

AppCheck supports scanning mobile applications for Android, iPhone and BlackBerry mobile ecosystems. It also supports Windows (32/64 bit), Linux Intel (32/64 bit), ARM, PPC, Java and several other architectures. Both individual applications, and complete firmware images can be scanned. AppCheck operates purely on supplied binary and does not require source code of the scanned application. It’s available as an online managed service or as an on-site appliance.


AbuseSA is a threat intelligence aggregator that monitors indicators of compromise from various sources, and produces highly accurate and actionable events and reports. It ingests well known feeds such as ShadowServer,, Zone-H, Malc0de, and more. AbuseSA funnels feeds together into a single homogenous information stream, then filters for a specific network or organization. Integration with a customer database gives AbuseSA the ability to automatically respond to incoming abuse events by generating an email, notifying an incident responders, generating reports, or taking other kinds of actions. AbuseSA also includes visualizations of the live data stream, which gives security personnel the opportunity to analyze and examine abuse events in real time.

Robustness testing[edit]

Robustness testing is a model based fuzzing technique and overall black box testing, an extension of syntax testing, that systematically will explore the input space defined by various communication interfaces or data formats, and will generate intelligent test cases that find crash-level flaws and other failures in software.[4] The technique was first described in a University of Oulu white paper on robustness testing published in 2000, by Kaksonen et al.,[5] and Licentiate Thesis by Kaksonen,[6] published in 2001. Fault injection and specification mutations were other names they used for the same approach.[7]

Codenomicon's Defensics product line is also known as a "Fuzzer that does not fuzz",[8] which means that it uses smart anomalies instead of random fuzzing structures. This enables fast test execution, extensive test documentation and better test coverage. Defensics' tools address all fields in the protocols with all effective combinations of anomalies. Traditional fuzzing lacks this capability, as with random inputs that would take too much time to be effective in fast paced test cycles.


Codenomicon and its founders have been developing fuzzing tools since 1996.

The first ideas for the engine were based on ideas the founders had while working at OUSPG, where systematic fuzzing was first used to break ASCII/MIME contents in email clients and web services.[9][10] Later, the same technique was applied to ASN.1 structures in such protocols as SNMP, LDAP and X.509.[11][12]

After Codenomicon was founded in 2001, its DEFENSICS product line has grown to cover over 200 industry-standard network protocols and file formats, including wireless interfaces such as Bluetooth and WLAN. DEFENSICS for XML provides an added capability for testing common XML-based protocols and file formats more efficiently than before.[13]

After Codenomicon was founded, The research side span out into PROTOS Genome project.[14]

In 2014 Codenomicon set up as a summary and Q&A about the OpenSSL Heartbleed bug.


  1. ^ "Codenomicon Newsletter 2010/12". Retrieved 2011-11-03. 
  2. ^ "Acquisition Expands Codenomicon’s Offering of Proactive Defense Solutions. News on EON". 2011-05-23. Retrieved 2011-11-03. 
  3. ^ "Codenomicon history". Retrieved 2011-11-03. 
  4. ^ "LWN Security". Retrieved 2011-11-03. 
  5. ^ "Kaksonen R., Laakso M., Takanen A. Vulnerability Analysis of Software through Syntax Testing. White paper. OUSPG 2001". Retrieved 2011-11-03. 
  6. ^ "Kaksonen, Rauli. A Functional Method for Assessing Protocol Implementation Security (Licentiate thesis). Published in 2001 by Technical Research Centre of Finland, VTT Publications 447. 128 p. + app. 15 p. ISBN 951-38-5873-1 (soft back ed.) ISBN 951-38-5874-X (on-line ed.)." (PDF). Retrieved 2011-11-03. 
  7. ^ "Kaksonen R., Laakso M., Takanen A.. "Software Security Assessment through Specification Mutations and Fault Injection". In Proceedings of Communications and Multimedia Security Issues of the New Century / IFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS'01) May 21-22, 2001, Darmstadt, Germany; edited by Ralf Steinmetz, Jana Dittmann, Martin Steinebach. ISDN 0-7923-7365-0". Retrieved 2011-11-03. 
  8. ^ Takanen, Ari (2009-08-11). "The Fuzzer That Does Not Fuzz". Retrieved 2011-11-03. 
  9. ^ Mime bugs in Netscape.
  10. ^ "The buzz on the bug – How does the e-mail security bug affect Solaris users? By Stephanie Steenbergen, SunWorld staff". 1998-08-01. Retrieved 2011-11-03. 
  11. ^ "CERT Advisory CA-2001-18 Multiple Vulnerabilities in Several Implementations of the Lightweight Directory Access Protocol (LDAP)". Retrieved 2011-11-03. 
  12. ^ "Edmund Whelan. SNMP and Potential ASN.1 Vulnerabilities. December 2002. SANS Institute InfoSec Reading Room.". Retrieved 2011-11-03. 
  13. ^ XML Security and Fuzzing.
  14. ^ "Viide J., Helin A., Laakso M., Pietikäinen P., Seppänen M., Halunen K., Puuperä R., Röning J. "Experiences with Model Inference Assisted Fuzzing". In proceedings of the 2nd USENIX Workshop on Offensive Technologies (WOOT '08). San Jose, CA. July 28, 2008". Retrieved 2011-11-03. 

External links[edit]

Security advisory links[edit]

Video links[edit]