Core Security Adds Web App Pen Testing to Impact

Core Security adds Web application penetration testing capabilities to Core Impact

BOSTON -- Core Security Technologies today announced the addition of web application penetration testing capabilities to CORE IMPACT, the most comprehensive product for performing enterprise security assurance testing. With the addition of web application testing to its comprehensive network and end-user security testing capabilities, CORE IMPACT v7.5 now will enable users to safely assess an organization’s security posture against the top three attack methods that jeopardize data today:

  • penetration of network defenses via exploits designed to compromise vulnerabilities in server operating systems and services, as well as client applications that run on desktop systems
  • deception of employees, contractors and other end users via email-based social engineering attacks, such as phishing and spear phishing
  • manipulation of web applications to access backend data via SQL injection and remote file inclusion techniques

“As web application vulnerabilities become more ubiquitous, cybercriminals are increasingly taking advantage of the trust that organizations place in e-commerce, customer self-service, ERP and other web applications,” said Charles Kolodgy, research director, for Secure Content and Threat Management research at IDC. “Attackers don’t segment their vectors, they combine all the weaknesses they can find into a given attack. Organizations must test accordingly and do so following a safe, repeatable and consistent methodology.”

Core Security Technologies

Editors' Choice
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading