Dark Reading
Products and Releases

Core Security Solution Addresses Enterprise Vulnerability Management Issues

New Features Include Interactive Attack Paths, Enhanced Exploit Matching and Filtering, Flexible Reporting and Smart Card Authentication

BOSTON, MA and SAN FRANCISCO, CA--(Apr 21, 2015) - Core Security®, a leading provider of attack intelligence solutions, today at RSA Conference 2015 announced the latest version of its vulnerability management solution, Core Insight 4.5.

Core Insight solves the most significant problem plaguing today's enterprise vulnerability management teams: data overload. Ineffective prioritization and patching processes are highlighted by the 2015 HP Cyber Risk Report's finding that 44% of breaches are the result of vulnerabilities which are two to four years old.

Core Insight addresses this problem by consolidating, prioritizing and validating vulnerability management initiatives enterprise-wide. Normalizing multiple vulnerability scans across vendors, matching known exploits and simulating attacks enables users to focus remediation efforts on the most vulnerable points of their networks.

What's new in Core Insight 4.5:

  • Interactive Attack Paths: Tailored for complex environments with thousands of assets that change on a regular basis, Core Insight provides a single view of attack risk throughout the largest networks. Users can quickly model potential threat scenarios on the fly according to risk criteria that are most relevant to their business. This interactive view allows users to quickly modify attack path characteristics to see exactly how an attack could propagate across an organization's network. After high-risk attack paths have been identified and eliminated, users can immediately visualize and report on their improved risk state.
  • Centralized Asset Store: In order to efficiently consolidate and normalize massive amounts of vulnerability data while maintaining overall scalability and performance, Core Insight now leverages a centralized single-instance asset store for simpler data import, faster analytics, and flexible queries. Core Insight comes with pre-defined connectors to Vulnerability Assessment solutions from Tenable Nessus®, Tenable SecurityCenter®, Tripwire IP360™, McAfee® Vulnerability Manager, and Qualys® VM. Additional connectors and integrations are available through a highly extensible API. The results of the data import can be immediately sorted and filtered by vector type, IP, CVE, and server type, among other criteria. This enables organizations with many assets to consolidate and normalize this data in one location for analytics and reporting.
  • Enhanced Exploit Matching & Filtering: To further enhance the vulnerability prioritization capabilities of Core Insight, version 4.5 takes exploit matching to a new level. Users can now filter and prioritize imported vulnerabilities using more than 6.3 million data points found in the Vulnerability Context Catalog. This allows users to create customized threat scenarios representing potential business risk specific to their organization. The results from exploit matching and filtering can be shared in a report or viewed directly in Core Insight.
  • Flexible Reporting: A flexible reporting engine facilitates granular filtering, grouping, and extensive configuration of large amounts of data. This engine allows users the choice of out-of-the-box reports or creating their own reports. Reports are easily customized (branding, pivot tables, visual charts, etc.) through Microsoft Excel templates. After configuring the Excel templates, the report can be shared as a PDF file or imported into Core Insight for future usage. This flexibility makes it easier to share data with co-workers, management and other constituents.
  • Smart Card Authentication: Core Insight now supports digital certificate authentication through web browsers and smart cards. Smart cards (known as Common Access Cards in the public sector) are used on a daily basis by private organizations and federal agencies alike, providing an added layer of security with embedded certificates when accessing sensitive data. Users that are required to use a smart card can now gain secure access to Core Insight simply by inserting the card, connecting to Core Insight via a browser, accepting the browser certificate and entering the related authentication PIN. No additional coding or customization is required.

Core Insight recently received several industry recognitions. In March, the solution earned a perfect five-star rating in the SC Magazine vulnerability assessment group review. In November, Core Insight won the Information Security Magazine and SearchSecurity.com Readers' Choice Award, coming out on top in the "Best Vulnerability Management Products" category. In October, the South Carolina Department of Health and Human Services received a CSO50 Award from CSO Magazine for its work with Core Insight.

About Core Security
Core Security provides the industry's first comprehensive attack intelligence platform offering advanced analytics to prioritize, validate and ultimately eliminate security threats. With Core Security, enterprises and security professionals focus on the most likely threats to their business by modeling, simulating and testing the actions of an actual attacker. Core Security helps more than 1,000 customers worldwide identify the most vulnerable areas of their IT environments in order to improve their remediation efforts and better secure their business. The company's patented, proven, award-winning enterprise products and solutions are backed by more than 15 years of applied expertise from CoreLabs research and Core Security Consulting Services.


