June 01, 2004
Core Security TechnologiesProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
Functionality and flexibility.
An extremely capable tool for penetration testing.
The use of Core Impact might be considered as training. Your IS personnel will develop and hone their skills as they discover the product's considerable capabilities. Eventually, they will be writing their own scripts and modules (using the open source Python language utilized by the product) to meet the enterprise's special needs.
Core Security Technologies also offers penetration testing consulting and new users may take advantage of this early on to ensure they make the most of this product.
The operational concept uses modules that are developed to undertake tasks such as port scanning, network analysis and penetration "exploits." A comprehensive set of modules is provided as standard and these may be easily updated online to ensure that you have the most current capabilities.
Agents may be deployed strategically to run these modules, and a central database provides a log of this activity with all the information appertaining to the target network.
The level of detail provided is interesting and the provided modules are well documented to explain what they run against and why. When they are run, a summary shows which are active together with start and finish times, while a real-time tabbed window provides a choice of simple outputs or a comprehensive view of exactly what is going on. This is all within a logical and intuitive interface and offers powerful and useful functionality.
Collections of modules may be saved as a project work space for subsequent recall, enabling a consistent approach to penetration testing within your organization.
Reporting capabilities are extensive and will provide a valuable insight into the infrastructure and tests run against it. For organizations that do penetration testing, Core Impact might become their most valued tool.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards