Core Security Insight Enterprise
February 03, 2014
Core Security TechnologiesProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full vulnerability management along with risk analysis that is easy to use.
- Weaknesses: None that we found.
- Verdict: Impressive evolution of Core’s usual solid fare. It’s our selection as Recommended.
Insight Enterprise offers a full vulnerability and risk management platform that can be used to analyze and prioritize vulnerabilities throughout the enterprise to ensure that risk from vulnerabilities is handled effectively. This tool can be used to target specific risk factors by weeding through vulnerability data from various scanners and defining where weaknesses really exist.
This solution can be deployed either as a physical appliance or a software virtual appliance anywhere within the network. With the exception of one being physical and one being virtual there really is no difference in the initial setup. At first boot, a short configuration wizard will launch which includes the settings necessary to get the appliance connected to the network and ready for access. This setup includes IP and network information as well as the Active Directory settings for integrated authentication. After the appliance is connected to the network, its web-based management interface can be easily accessed from a web browser. We found the interface to be well-organized and quite intuitive to navigate. We really took notice of the main dashboard screen, which includes charts and graphs providing an excellent overview of the status of the network.
Aside from the gorgeous dashboard, this offering features several modes that allow administrators and security professionals to find the appropriate vulnerability data easily. Insight can take scan results from several vulnerability scanners, including McAfee Vulnerability Manger, Nessus, Nmap, Tripwire, Cenzic and many others and import them for further analysis. With the results imported, administrators can run simulations, live tests and scans right from the web interface. Insight can also be directly integrated with Impact for advanced penetration test functionality.
Documentation included a getting-started guide along with a full user guide. The getting-started guide details how to get the appliance connected and running on the network with clear step-by-step instructions along with a walk-through of the setup wizard. The user guide includes step-by-step instructions on using the product, running scans and overall management of the appliance. This guide also included quite a few screen shots along with clear explanations of features and functions.
Core Security offers eight-hours-a-day/five-days-a-week standard phone- and email-based technical support to customers as part of the purchase price. Customers can also receive additional aid options through a support and maintenance agreement. This premium level includes 24/7 phone and email technical support and all product updates and upgrades. Core also provides an online support portal via its website which includes resources such as a knowledge base and user forum along with training videos, webcasts and how-to guides.
At a price of $40,000, this product has a hefty price tag but we find it to be an excellent value for the money. Core Insight includes a lot of excellent features for not just vulnerability management but also risk analysis in one, easy-to-use and easy-to-manage appliance.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure