Core Impact is back again with a new version (Professional 10), and just when we thought this product could not get any more powerful it surprises us once again. Those familiar with this product already know that it is one of the most comprehensive penetration testing products on the market, and then last year it became more comprehensive with added vulnerability scanning capability. Well, this year Core Security Technologies added Wi-Fi penetration testing to the list. With this capability, users can now find the Wi-Fi network even if the SSID (service set identifier) is not broadcasting and try to break the encryption key. This works on WEP, WPA and WPA2 networks.
We find this tool to be a solid performer in all areas of vulnerability management. Core Impact can be used to not only run vulnerability scans, but also to try to penetrate vulnerable machines with very targeted attacks. Beyond penetration testing, this product can also be used to conduct mock phishing attempts by sending a suspicious email to employees and reporting back which employees clicked the link in the email.
Documentation provided with Impact includes a user guide, located in the help menu, which provides a deep look at product features and functions, as well as many examples and screen shots. This guide is well-organized and includes many bookmarks for easy navigation.
Core Security offers full customer phone and email technical support available from 8:00 a.m. to 5:00 p.m. ET Monday through Friday, along with free start-up product/user training so customers can get the most out of the solution. The website also includes a support area with a knowledge base and support case submission forms.
At an annual cost of $30,000, this product may seem pricey on the surface, but we find that the amount of functionality, features and power of this product make it an excellent investment for medium all the way up to very large networks.