Core Security Adds Web App Pen Testing to Impact

Core Security adds Web application penetration testing capabilities to Core Impact

Dark Reading Staff, Dark Reading

October 16, 2007

1 Min Read

BOSTON -- Core Security Technologies today announced the addition of web application penetration testing capabilities to CORE IMPACT, the most comprehensive product for performing enterprise security assurance testing. With the addition of web application testing to its comprehensive network and end-user security testing capabilities, CORE IMPACT v7.5 now will enable users to safely assess an organization’s security posture against the top three attack methods that jeopardize data today:

  • penetration of network defenses via exploits designed to compromise vulnerabilities in server operating systems and services, as well as client applications that run on desktop systems

  • deception of employees, contractors and other end users via email-based social engineering attacks, such as phishing and spear phishing

  • manipulation of web applications to access backend data via SQL injection and remote file inclusion techniques

“As web application vulnerabilities become more ubiquitous, cybercriminals are increasingly taking advantage of the trust that organizations place in e-commerce, customer self-service, ERP and other web applications,” said Charles Kolodgy, research director, for Secure Content and Threat Management research at IDC. “Attackers don’t segment their vectors, they combine all the weaknesses they can find into a given attack. Organizations must test accordingly and do so following a safe, repeatable and consistent methodology.”

Core Security Technologies

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

MITRE Corp's logo in blue
Endpoint Security
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti BugsMITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
byNate Nelson, Contributing Writer
Apr 22, 2024
3 Min Read
The letters EDR/XDR amid binary code
Application Security
Evil XDR: Researcher Turns Palo Alto Software Into Perfect MalwareEvil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
byNate Nelson, Contributing Writer
Apr 19, 2024
4 Min Read
Kuala Lumpur, Malaysia, skyline against the harbor at sunrise
Cyber Risk
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity ProsLicensed to Bill? Nations Mandate Certification of Cybersecurity Pros
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events