about Ari Takanen
Ari Takanen's picture
» View my blog

Ari Takanen

Member since: 07/15/08 Last log in: 10/23/08 at 4:43 am
Posts: 6 Comments: 2

Ari Takanen is founder and CTO of Codenomicon (www.codenomicon.com). Since 1998, Ari has focused on information security issues in next-generation networks and other security critical environments. He began this work at Oulu University Secure Programming Group (OUSPG) as a contributing member to PROTOS research. His current company, Codenomicon Ltd. provides commercial solutions for security testing of communication devices and networks. Ari has been speaking at numerous security and testing conferences, and has been invited to speak at leading universities and international corporations.

  • Company: Codenomicon
  • Industry: Tech: Manufacturing - Hardware/Software
  • Job title: CTO
  • Company size: 50 - 99
  • Country: Finland
What makes me tick
What I'm reading now
Zero Day Threat by Acohido and Swartz
Ask me to do anything but
programming (I can but I do not want to)
In high school I was
a boring nerd with all A's
Web sites/blogs I can't live without

SecurityFocus

My favorite gadget
Nokia Communicator (legacy one)
If I had a superpower it would be
Mind-reading
If I could travel in time, I would go to
Medieval times
View all comments»
What I've said

Digium definitely touches

Digium definitely touches many of the points I made in the original post as it is kind-of free and kind-of open source. Motivation for a QA budget can be problematic when you cannot really show any return for the investment (i.e. more sales).

(Is There) Motivation for VoIP Fuzzing | 9/15/08 at 5:30 am | Reply | Report as spam

Thank you for the

Thank you for the definitions for each of these. Unfortunately still today, there are as many definitions as there are security consultants. As my background is in fuzzing, I do not really agree with these definitions. If we do an assessment, we run tools (our own fuzzers, and other available fuzzers and non-fuzzers from other companies) to mostly find unknown vulnerabilities. We can find known issues also, but that is not the purpose of the assessment. This in most cases is an "audit" (or assessment, or test, or review) against a carefully designed test specification, sometimes dictated by the industry and in almost every case pre-run in similar form by an another party. Often this is part of a certification process. And yes, the tools are very similar to what a hacker would use in what you call "penetration test".

VoIP security auditing is becoming more and more complex ... Not! | 8/19/08 at 7:53 am | Reply | Report as spam
View all posts»
What I've posted
Free stuff

Win an Amazon Kindle!
This month's giveaway gadget - Amazon's Kindle - will keep you entertained on the long trip home to visit family and friends over the holidays. Enter the drawing now!

Applied Security Visualization
By Raffael Marty
Published by Addison-Wesley Professional
Learn more!

 

IT Manager's Handbook
By Bill Holtsnider and Brian D. Jaffe
Published by Morgan Kaufmann
Learn more!

 

Windows Vista Resource Kit
By Mitch Tulloch, Tony Northrup, and Jerry Honeycutt
Published by Microsoft Press
Learn more!

Featured Sponsor
Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »
Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »
Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »
More Resources