Core Security Technologies Announces Enhanced Version of its Automated Penetration Testing Product, CORE IMPACT(TM), Focusing on Client-Side Threats.BOSTON -- CORE IMPACT v5.1 Comes in Response to Increased Malicious Attacks on Desktop Applications Core Security Technologies today announced the release of version 5.1 of CORE IMPACT(TM), the first-to-market penetration testing A test of a network's vulnerabilities by having an authorized individual actually attempt to break into the network. The tester may undertake several methods, workarounds and "hacks" to gain entry, often initially getting through to one seemingly harmless section, and from there, product for assessing specific information security risks. The latest version includes enhancements to address the significant increase in client-side attacks on end-user applications and the corresponding customer demand for solutions to protect against these threats. CORE IMPACT v5.1 continues the company's history of continuous innovation in providing automated penetration testing solutions that enable organizations to better secure their networks and protect confidential data. Through its ongoing research and penetration testing market experience, Core has recognized the growing importance of client-side attacks, and continues to enhance CORE IMPACT to help customers test for them more effectively. Recent industry research also identifies this trend. For example, SANS Institute's latest Top 20 report warns that Internet criminals are increasingly targeting popular end-user applications, such as Web browsers The following is a list of web browsers. Historical Historically important browsers In order of release:
Key new capabilities added to CORE IMPACT that augment existing client-side attack capabilities, and enable faster more efficient penetration tests are: --HTTP-based agent connection method - IMPACT's patent-pending agent technology now has the ability to communicate with agents via an HTTP Tunnel HTTP Tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. , thereby enabling communication during a valid HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. session. This makes it possible to communicate with agents behind a protocol-validating proxy; --Agent Auto-injector capability - IMPACT agents are able to automatically deploy themselves within other active applications, should the initially-compromised application become unavailable; and, --Automatic saving of login Signing in and gaining access to a network server, Web server or other computer system. The process (the noun) is a "login" or "logon," while the act of doing it (the verb) is to "log in" or to "log on. credentials - It is now possible to automatically collect login information on the compromised machine after successful exploitation. "Attackers are constantly developing new ways to compromise the network security. At Core Security, we are committed to helping our customers keep up with the changing threat landscape, and clearly see the consequences of these new avenues of attack," said Paul Paget, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Core Security Technologies. "Our efforts in this release reflect our customers' insistence that we keep pace with the most critical of risks while also improving the speed and flexibility of penetration testing." In addition to augmenting client-side attack capabilities, CORE IMPACT v5.1 provides enhancements to existing functionality, including: --Improved OS detection - OS Detection has been augmented with efficiency improvements and incorporates Neural Nmap OS stack fingerprinting, a capability that combines a neural network neural network or neural computing, computer architecture modeled upon the human brain's interconnected system of neurons. Neural networks imitate the brain's ability to sort out patterns and learn from trial and error, discerning and extracting with Nmap's fingerprint fingerprint, an impression of the underside of the end of a finger or thumb, used for identification because the arrangement of ridges in any fingerprint is thought to be unique and permanent with each person (no two persons having the same prints have ever been database to more accurately match OS responses to signatures. The neural network OS detection technology was developed in collaboration with Core Security's research arm, CoreLabs; --Pass-the-hash for Install using SMB (1) (Small to Medium-sized Business) Also called "SME" (small to medium-sized enterprise), it refers to companies that are larger than the small office/home office (SOHO), but not huge. - Collected Windows password hashes can now be used directly to install agents in Windows hosts using the SMB protocol; --Updated Interface - IMPACT's graphical user interface graphical user interface (GUI) Computer display format that allows the user to select commands, call up files, start programs, and do other routine tasks by using a mouse to point to pictorial symbols (icons) or lists of menu choices on the screen as opposed to having to has been updated with improved navigation and an enhanced look overall. The docking panels are now more flexible and can be further customized to each user's preference; and --Improved documentation - Updated documentation is provided throughout the product. CORE IMPACT v5.1 is available now at no charge for existing customers as part of their annual subscription service. CORE IMPACT is now used by more than 250 organizations worldwide. About Core Security Technologies Core Security Technologies develops proactive solutions that help security-conscious organizations worldwide. The company's flagship product A primary product of a company, which is typically why the company was founded and/or what made it well known. For example, MS-DOS, Windows and the Microsoft Office suite have been flagship products of Microsoft. CorelDRAW is a flagship product of Corel Corporation. , CORE IMPACT, is the first automated penetration testing product for assessing specific information security threats to an organization. Penetration testing evaluates overall network security and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core augments its leading technology solution with world-class security consulting services Noun 1. consulting service - service provided by a professional advisor (e.g., a lawyer or doctor or CPA etc.) service - work done by one person or group that benefits another; "budget separately for goods and services" , including penetration testing, software security auditing and related training. Headquartered in Boston, MA, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion