HUNTSVILLE –Sentar has been awarded a Missile Defense Agency (MDA) SBIR Phase II contract to develop technologies for penetration testing of software code.
Software from third parties of often used in mission critical systems without the ability to verify its software system security. Third-party software may contain unidentified vulnerabilities which may be undiscovered or which cannot be verified. The Software Application Protection Process (SAPP) project is developing a software tool to categorize third-party software according to its functional characteristics and automatically select and apply methods of attack against the software. The attacks effectively attempt to “penetrate” the software application by breaking it. The result is an approach to vulnerability testing that does not rely on visual inspection or known vulnerabilities. Undiscovered vulnerabilities are exposed during SAPP penetration testing. The benefit is more secure integrated software systems for mission critical applications.