Core Security Core Insight
Strengths: Prioritization of vulnerabilities.
Verdict: A bit expensive but very powerful. Recommended.
Core Security's Core Insight is the gold standard for penetration testing and vulnerability assessment. It not only scans and pen-tests on its own but also aggregates data from other sources, such as Qualys, Nessus and many others. Its standout features - annual pen-tests, suggested attack-path analysis of pivots, as well as putting pivots in the tested computers themselves - really set Insight apart from other products in this category.
Core Security gave us a VM in a test environment. This VM was able to quickly draw up a full network map, so it was easy to familiarize ourselves with a completely new environment. Core Security gave us some training on the product, which was helpful, as this tool has a little bit of a learning curve but is very easy to use once you have the hang of it.
Insight has excellent permissions control - at the time of creating a campaign, one simply drags and drops the appropriate users. Where Core Insight really delivers bang for your buck, though, is in contextually valuing your security vulnerabilities. Core Insight takes network maps and a long list of vulnerabilities, sometimes thousands, and tells you which ones you absolutely need to fix. In our case, we had narrowed down 12,000 vulnerabilities to about 80 important ones. The tool does this by figuring out which computers can be pivoted off of, and where they can pivot to, favoring the shorter paths to the more critical infrastructure. The time saved by narrowing vulnerabilities down, and doing so intelligently, gives someone a place to start securing the network.
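The prioritization idea described above can be sketched as a graph problem. This is an added example, not Core Insight's algorithm or code: the host names, finding ids, severities and the ranking rule (shortest entry-to-critical path through the host, then scanner severity) are all constructed assumptions.

```python
from collections import deque

# Constructed sample network (not from the review). An edge A -> B means
# a foothold on A can be used to pivot to B.
PIVOTS = {
    "internet": ["web01", "mail01"],
    "web01": ["app01"],
    "mail01": ["ws17"],
    "ws17": ["app01", "print02"],
    "app01": ["db01"],
    "lab09": ["print02"],
}
CRITICAL = {"db01"}
# Constructed scanner output: (host, placeholder finding id, severity 0-10).
FINDINGS = [
    ("print02", "FINDING-A", 9.8),  # reachable, but leads nowhere critical
    ("lab09", "FINDING-B", 9.1),    # not reachable from the entry point
    ("web01", "FINDING-C", 6.5),
    ("ws17", "FINDING-D", 7.2),
    ("app01", "FINDING-E", 5.0),
]

def bfs_hops(graph, starts):
    """Breadth-first search: fewest pivots from any start node to each node."""
    hops = {s: 0 for s in starts}
    queue = deque(starts)
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in hops:
                hops[nxt] = hops[node] + 1
                queue.append(nxt)
    return hops

def prioritize(graph, entry, critical, findings):
    """Keep findings on hosts that lie on a path entry -> host -> critical
    asset; order by shortest such path, then by scanner severity."""
    reverse = {}
    for src, dsts in graph.items():
        for dst in dsts:
            reverse.setdefault(dst, []).append(src)
    from_entry = bfs_hops(graph, [entry])
    to_critical = bfs_hops(reverse, sorted(critical))
    ranked = sorted(
        (from_entry[h] + to_critical[h], -sev, h, fid)
        for h, fid, sev in findings
        if h in from_entry and h in to_critical)
    return [(h, fid, hops) for hops, _, h, fid in ranked]
```

In this constructed data the two highest-severity findings drop out entirely because their hosts are either unreachable or lead nowhere critical, which is the kind of narrowing the review describes.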
Insight includes a manual pen-test mode, for those who would like more than just a few scans. Scanners can pick up false alarms - every one of them does - and nothing tests a vulnerability quite like exploiting it does. Core Insight has a massive database of exploits of its own, as well as support for third-party exploits, all from a web interface. The manual pen-test is as simple as point-and-click; anyone could do so with very little experience. It made pivoting and following the suggested attack paths seem like child's play.
Core Security's Core Insight costs $66,000 for the virtual machine with support for 1,000 assets and two remote auditors, and $10,000 for each hardware appliance, plus 18 percent on top of that for support for the first year. Support is available 7 a.m. to 7 p.m. five days a week through web, email and phone, and includes a 24/7 forum, access to private and customer-only web-based training sessions, and free upgrades.
Core Insight is the most feature-rich product we've tested. However, it was the most expensive product as well, and is most effective when paired with other vulnerability scanners. That said, Core Insight is worth every penny. It is a premium product with no compromises made, and an absolute pleasure with which to work. It was a clear choice to make this our Recommended product.