June 01, 2004
Core Security TechnologiesProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
Functionality and flexibility.
An extremely capable tool for penetration testing.
The use of Core Impact might be considered as training. Your IS personnel will develop and hone their skills as they discover the product's considerable capabilities. Eventually, they will be writing their own scripts and modules (using the open source Python language utilized by the product) to meet the enterprise's special needs.
Core Security Technologies also offers penetration testing consulting and new users may take advantage of this early on to ensure they make the most of this product.
The operational concept uses modules that are developed to undertake tasks such as port scanning, network analysis and penetration "exploits." A comprehensive set of modules is provided as standard and these may be easily updated online to ensure that you have the most current capabilities.
Agents may be deployed strategically to run these modules, and a central database provides a log of this activity with all the information appertaining to the target network.
The level of detail provided is interesting and the provided modules are well documented to explain what they run against and why. When they are run, a summary shows which are active together with start and finish times, while a real-time tabbed window provides a choice of simple outputs or a comprehensive view of exactly what is going on. This is all within a logical and intuitive interface and offers powerful and useful functionality.
Collections of modules may be saved as a project work space for subsequent recall, enabling a consistent approach to penetration testing within your organization.
Reporting capabilities are extensive and will provide a valuable insight into the infrastructure and tests run against it. For organizations that do penetration testing, Core Impact might become their most valued tool.
SC Magazine Articles
- USAA members hit with multiple phishing attacks
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- U.S. government extends offer to protect states from electoral cyberthreats
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- WhatsApp to share users' phone numbers with Facebook
- Researchers find seven classes of vulnerabilities in iOS sandbox security feature
- Lost devices leading cause of data breaches, report
- Data breach hits Whitehead Nursing Home in Northern Ireland
- 47% of NHS Trusts in England admit to falling victim to ransomware