Products & Releases

Core Security Ships Core Insight Enterprise Beta

Automated testing and measurement solution is available to its beta customers
BOSTON – Sept 13, 2010 - Core Security Technologies, the market’s leading provider of IT security testing solutions that enable organizations to get ahead of threats and cut complexity to identify their critical real-world exposures, today announced that the beta version of its CORE INSIGHT Enterprise automated testing and measurement solution is available to its beta customers.

Participants in the over-subscribed beta program include over a dozen Fortune 500 firms and established leaders in the banking and health care markets, in addition to several top-level U.S. government agencies.

“CORE INSIGHT Enterprise offers an entirely new manner for organizations to understand where they stand at any given time in direct relation to the actual risks posed to their most valued data and IT assets,” said Larry Whiteside, CISO of the Visiting Nurses Service of New York. “We expect this solution to save us time and improve our overall security posture, while helping to make sense of all the data provided by the many security, vulnerability management and compliance systems that we’ve already put in place.”

INSIGHT Enterprise is the only solution that empowers management with the capability to focus testing on the specific business assets that they define as most critical to their operations. By assessing their IT systems against real-world threats and revealing exploitable pathways to critical assets, customers can effectively answer the question, “Are we more, or less, secure today than we were yesterday?”

The solution’s automated goal-based approach enables organizations to distill the overwhelming amount of data produced by the vast array of today’s IT security systems – and present results in terms relevant to the entire business. As a result, INSIGHT Enterprise gives security management a view into their overall standing in a manner never before available.

CORE INSIGHT Enterprise Beta Release Among the use cases encompassed in the beta program participants are deployments including:

  • A top 20 global bank – striving to improve its fraud management programs through more automated and continuous testing of its worldwide operations.

  • A top 25 U.S. bank – seeking to streamline their vulnerability management programs by identifying its most critical issues and then verifying the effectiveness of its remediation initiatives.

  • A leading U.S. retailer – planning to test hundreds of Web sites and online applications that it maintains as the final stage in its SDLC secure development program.

  • A massive U.S. government installation – looking to give its security team the power to distribute and delegate testing across its operations in an internal service provider model.

    Among the features introduced in the new release is the INSIGHT Enterprise CSO Dashboard, which allows security management to track and benchmark the standing of their most critical assets, while delineating which specific IT assets are vulnerable to breaches.

    Through a unique, highly intuitive graphical interface that features heat maps, trends charts and other easy-to-understand presentation formats, security leaders can utilize the CSO Dashboard to visualize important information including which facilities or areas of the globe represent their most significant points of risk, and how their various IT defensive mechanisms are performing in keeping advanced forms of attack at bay.

    In a recently published research report focused on how enterprises can improve the effectiveness of their overall IT security efforts, Forrester Research Analyst Khalid Kark highlighted the fact that increased use of measurement and metrics will help companies stay ahead of threats and increase ROI.

    “A savvy organization will continue to measure and analyze information that comes from infrastructure and architecture,” Kark said. “Measurement and analysis will provide the necessary visibility into the operational environment as well as help metrics and reporting for consumption at the executive level.”

    How It Works With INSIGHT Enterprise, customers begin by defining which assets are important to their organizations, such as:

  • Systems for financial transactions, operations controls, or other mission-critical functions.

  • Databases housing sensitive information such as financial data, customer or patient records.

  • Data formats such as credit card numbers, social security numbers, or employee ID numbers.

    The product then creates a map of an organization’s IT environment and, using its unique automated attack planning algorithm, plots a path through the map to search and test for exploitable pathways to any critical information – just as an attacker would – via Core’s graph solving technology.

    Inside the enterprise, the solution enables IT security management to distribute and delegate testing responsibilities across individual business units and then feed results back to the dashboard, allowing them to provide security testing as a service throughout their organization. Using CORE INSIGHT Enterprise, organizations gain the ability to perform proactive security testing across their entire IT ecosystem without being forced to hire dedicated experts to carry out assessments or interpret results.

    “The release of the CORE INSIGHT Enterprise beta represents a significant technical achievement on the part of our entire research and development organization. The level of innovation that went into conceptualizing and building this product is stunning, and the end result is a solution that offers capabilities never before available on the market,” said Mark Hatton, CEO of Core Security.

    “The range of organizations participating in the beta program, all of whom represent industry leaders in their respective fields, along with the diversity of strategic benefits these customers are pursuing using INSIGHT Enterprise, only reaffirms our belief that this is a product that can have a dramatic affect on the manner in which people determine where they stand in relation to matters of IT security, risk and compliance – both today and in the future,” Hatton added.

    About Core Security Technologies

    Core Security Technologies enables IT security professionals to get ahead of threats using security testing and measurement solutions that cut through complexity to identify real-world exposures that matter. Using our test and measurement solutions, organizations can proactively validate their security controls while revealing actual risk paths that traverse IT layers to expose critical assets. As a result, our customers gain unprecedented visibility into threats to the business, while measuring risk on a continual basis. Core’s security testing and measurement solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Based in Boston, Mass. and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at: