Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Core Security Technologies announced CORE IMPACT 6, a new edition of the company's flagship software product
2 Min Read
BOSTON -- Core Security Technologies, provider of CORE IMPACT, the first-to-market penetration testing product for assessing specific information security risks, today announced CORE IMPACT 6, a new edition of the company's flagship software product designed to help companies easily and efficiently test their network security policies. This latest version of CORE IMPACT features a completely new framework to simplify client-side penetration testing. Client-side attacks are used to take control of end-user systems and thereby gain access to key corporate assets. This version also includes the next generation of CORE IMPACT's patent-pending agent technology, expanded support for new target platforms, and new data export capabilities for easily incorporating penetration testing results into other databases or products.
"Penetration testing is a critical part of every organization's security process," said Mike Rothman, president and principal analyst of Security Incite. "Given the significant 'innovation' coming out of the hacking community, it's critical that the tools used to perform penetration testing are current and state of the art, simulating new client-side attack vectors and covering prevalent platforms that are increasingly targeted."
New Framework for Efficient Client-Side Penetration Testing
Client-side applications, such as Web browsers, instant messaging, media players, spreadsheets and word processing software, have become increasingly vulnerable to exploit by malicious attackers who often use social engineering techniques. Because of this, enterprises are recognizing the need to verify that their security measures, including end-user education programs, are protecting them against these new threats. To support these efforts, IMPACT 6 has a completely new framework that has been optimized for testing client-side applications in a simple and efficient manner. Core Security has also updated all of CORE IMPACT's existing client-side exploits to take advantage of the new framework capabilities, which include:
New database entities for managing client-side information-CORE IMPACT's database can now store information related to the client-side aspects of a penetration test, including contacts, email addresses and host information.
Client-side information gathering-IMPACT 6 features new information gathering capabilities to enable users to quickly collect contact and email information utilizing a variety of techniques.
Optimized GUI and New Generic View-In addition to IMPACT's existing Visibility View, a new Generic View is now available. This new View includes functionality to search the IMPACT database, and to organize host and contact information into user-created folders, providing quick access to relevant information.
RPT Integration-Ability to leverage IMPACT's unique Rapid Penetration Testing (RPT) graphical user interface and methodology once initial client-side attacks are successful.
"CORE IMPACT 6 demonstrates once again Core Security's commitment to providing leading-edge capabilities for its customers, helping us to better audit the security of our networks," said Larry Pesce, security director, Care New England. "Every security threat report I read today talks about the upswing in client-side attacks, and now I'll be able to quickly and easily assess this for Care New England and evaluate the effectiveness of our internal education programs."
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
