Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


06:35 PM
Dark Reading
Dark Reading
Products and Releases

Core Security Posts Record Growth In Revenues, Sales In Q4

Also added 100 new customers

BOSTON " Jan. 12, 2009 - Core Security Technologies, provider of CORE IMPACT Pro, the most comprehensive product for proactive enterprise security testing, today announced that it experienced record growth in 2009 highlighted by gains in its annual revenues and continued expansion of its customer base.

Specific milestones achieved by Core during 2009 include:

  • Double-digit revenue growth and record sales in Q4.

  • Addition of 100+ new customers to total over 900.

  • Record renewal rates.

  • Staff expansion to encompass development on three continents plus key executive additions.

  • Release of two major product versions, including the addition of wireless penetration testing.

  • High-profile CoreLabs research reports, advisories and government advocacy.

    Market-Leading Performance

    While many industry watchers suggested that the sluggish worldwide economy would have a negative effect on growth across most IT markets during 2009, Core Security achieved record revenues during the year. Compared to calendar 2008, privately held Core charted a double-digit gain in annual sales, driven by strong demand across major verticals including financial services, government, health care and education. Over the last five years, Core has achieved a compound annual growth rate of just under 50 percent.

    As the market for automated penetration testing solutions expanded rapidly over the last year, Core was consistently recognized by customers and industry analysts alike as the clear leader in terms of product and business maturity. This leadership was also highlighted by awards presented to Core by leading industry publications including SC Magazine (Top 20 Technologies of the Last 20 Years) and Channel Web Magazine (PCI: 20 Hot Compliance Products).

    The company closed 2009 with over 900 customers including over 25 percent of the Fortune 100.

    "Gaining visibility into security readiness continued to be a top-of-mind initiative for organizations in 2009," said Mark Hatton, CEO at Core. "This was evident in our many interactions with IT leaders seeking more effective ways to assess their exposure to IT risks, gauge their regulatory compliance standing, and filter through mountains of security systems and event data. They licensed CORE IMPACT in record numbers to address these challenges."

    Core Security also achieved its highest-ever license renewals during 2009, markedly exceeding industry-standard client retention rates as customers leveraged the benefits of automated penetration testing to expose real-world web application, wireless, client-side, and network threats in their IT infrastructures.

    Global Business Expansion During 2009, Core expanded its product development capabilities to span three continents and benefit from a truly global workforce. In addition to its primary product development team in Buenos Aires, Argentina, Core established development operations in Boston, Mass. and Bangalore, India.

    Core also brought onboard experienced senior executive leadership to help guide both its sales and development efforts, with Steve Pace joining the company as vice president of sales and Milan Shah occupying the newly created role of senior vice president of engineering.

    Consistent Product Advancement

    As scheduled, Core Security produced two new iterations of its CORE IMPACT Pro automated penetration testing solution, adding new levels of breadth and depth while continuing to refine its market-leading user interface and reporting capabilities. Among the most noteworthy expansions of the solution was the addition of wireless penetration testing capabilities fully integrated with its existing network, endpoint, web applications and end-user assessment functions, along with marked extension of the product's web applications testing features. IMPACT Pro's reporting capabilities specifically advanced via the addition of new cross-asset trends and graphical attack path report features, which allow customers to visualize successful avenues of attack against their most critical information assets.

    Core Security also launched another major product initiative in 2009 via the introduction of its User Statistics collection and usage sharing features. IMPACT Pro customers opt-in voluntarily and transmit anonymous testing data (i.e., number and types of exploits run, etc.) back to Core. Participants were able to begin viewing statistics trends drawn from across the customer community directly in the product's dashboard. In addition to providing the company with key usage data to help guide its future exploit and product development, participating customers (over 20 percent of total install base) have responded extremely favorably to the intelligence they have garnered from viewing testing trends across the broader IMPACT Pro user community. In particular, customers have cited the capability to benchmark their security posture both internally and against their peers as being fundamental in setting risk management objectives for the coming year.

    Industry-Leading Research and Government Standards Participation The work of CoreLabs researchers also experienced unparalleled heights during 2009, with experts participating in numerous speaking engagements at leading industry trade shows around the globe and publishing a record number of high-profile vulnerability advisories.

    Among the most noteworthy and highly publicized reports presented by CoreLabs researchers were talks delivered at the CanSecWest, Black Hat USA and OWASP Appsec conferences " detailing pressing issues including the ability to create BIOS-borne root kits; the opportunity to compromise onboard laptop security features to gain remote control of the machines; and new techniques for automatically discovering and exploiting cross-site scripting vulnerabilities in arbitrary web applications. Noteworthy advisories included vulnerabilities discovered in products made by companies including Apple, HP, IBM and Microsoft.

    Core Security also reinforced its commitment to help the U.S. government improve its ability to deal with the worldwide cybercrime epidemic. Core experts testified before the U.S. Senate Homeland Security committee and chaired the Threats Working Group of the CSIS Commission on Cyber Security for the 44th Presidency, which will provide revised recommendations to the Obama administration early in 2010.

    About Core Security Technologies Core Security Technologies is the leader in commercial-grade penetration testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk and assure security effectiveness. The company's CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, wireless networks, email users and web applications against complex threats. All CORE IMPACT security testing solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Based in Boston, Mass. and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at: http://www.coresecurity.com.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    FluBot Malware's Rapid Spread May Soon Hit US Phones
    Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
    7 Modern-Day Cybersecurity Realities
    Steve Zurier, Contributing Writer,  4/30/2021
    How to Secure Employees' Home Wi-Fi Networks
    Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
    Register for Dark Reading Newsletters
    White Papers
    Cartoon Contest
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2021-05-07
    An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
    PUBLISHED: 2021-05-07
    An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
    PUBLISHED: 2021-05-07
    An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
    PUBLISHED: 2021-05-07
    An issue was discovered on Tenda AC11 devices with firmware through A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
    PUBLISHED: 2021-05-07
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...