June 01, 2004
Core Security TechnologiesProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
Functionality and flexibility.
An extremely capable tool for penetration testing.
The use of Core Impact might be considered as training. Your IS personnel will develop and hone their skills as they discover the product's considerable capabilities. Eventually, they will be writing their own scripts and modules (using the open source Python language utilized by the product) to meet the enterprise's special needs.
Core Security Technologies also offers penetration testing consulting and new users may take advantage of this early on to ensure they make the most of this product.
The operational concept uses modules that are developed to undertake tasks such as port scanning, network analysis and penetration "exploits." A comprehensive set of modules is provided as standard and these may be easily updated online to ensure that you have the most current capabilities.
Agents may be deployed strategically to run these modules, and a central database provides a log of this activity with all the information appertaining to the target network.
The level of detail provided is interesting and the provided modules are well documented to explain what they run against and why. When they are run, a summary shows which are active together with start and finish times, while a real-time tabbed window provides a choice of simple outputs or a comprehensive view of exactly what is going on. This is all within a logical and intuitive interface and offers powerful and useful functionality.
Collections of modules may be saved as a project work space for subsequent recall, enabling a consistent approach to penetration testing within your organization.
Reporting capabilities are extensive and will provide a valuable insight into the infrastructure and tests run against it. For organizations that do penetration testing, Core Impact might become their most valued tool.
Sign up to our newsletters
SC Magazine Articles
- CTB-Locker ransomware variant being distributed in spam campaign
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Proposed CFAA revisions agitate IT security community
- New attack uses ransomware to drop trojans and keyloggers
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history