CORE Security to Showcase Deep Domain Expertise at Black Hat 2012

Security experts to focus on benefits of predictive security intelligence

at premiere
infosecurity conference

Boston, Mass. and Las Vegas, Nev. – July 25, 2012 - CORE Security®, a leading provider of predictive security intelligence solutions, will showcase a number of its recognized security experts and new products at Black Hat 2012. The Black Hat conference series is described as a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world - from the corporate and government sectors to academic and even underground researchers.  Black Hat 2012 will be held in Las Vegas, Nevada from July 21st through July 26th.  CORE Security will be exhibiting at booth

number 409.

CORE Security solutions enable users to move beyond defending IT assets to preempting business risk. Using a predictive security intelligence platform and its robust vulnerability management solutions, organizations can take control of their security infrastructure, communicate risk more effectively, and make better decisions to ensure business continuity.  

CORE’s activities at Black Hat 2012 include:

A  Preview of CORE Impact® Pro version 12.5

CORE Security will be previewing new functionality in the soon-to-be released CORE Impact Pro 12.5, the latest version of its vulnerability assessment and penetration testing software.  Impact Pro 12.5 will include an Identity testing framework, allowing users to quickly identify authentication weaknesses in their environment that could allow an attacker to take control of systems without the need to run any exploits.


CORE Labs is the research center of CORE Security and works to anticipate the future needs and requirements for information security technologies.  CORE Labs provides a holistic view of information security with a focus on developing solutions to complex, real-world security problems that affect its customers.   Representatives, including labs director Ariel Waissbein, will be on hand to discuss ongoing research and projects.

Expert Presentations - Matt Bergin

Matt Bergin, security consultant at CORE Security, will be leading two presentations on

July 25
and July 26. Located in Pod 7 from 10:15 a.m. PT – 11:15 a.m. PT, Bergin will share “PHP injection with phpmap,” which attempts to leverage the lack of input validation on the php eval() function in web applications.

CORE Impact Advisory Council meeting

The CORE Impact Advisory Council will convene its inaugural meeting.  The council is composed of technology experts and power-users of the market-leading Impact product.   These participants are from organizations that are advanced in both strategy and technology deployment for IT security – including CORE’s customer and partner communities, industry experts and academia.

Council members have the opportunity to connect with peers in the security ecosystem, share best practices, exchange ideas, and offer input into future iterations of Impact Pro. The meeting will include presentations from council members, outside security experts, and CORE Security representatives on the Impact Pro product roadmap.   

The CCC - CORE Customer Community event

The CORE Customer Community event, an annual event at Black Hat, is focused bringing together CORE’s customers for networking and sharing best practices and will be held on Thursday for CORE customers.

Stump the Experts

Attendees and CORE users will have the opportunity to try and stump CORE Security experts on various security challenges.   The challenges will take place daily in the company’s customer suite.

A range of social and prospecting activities will also take place during the event. For additional information, visit  For updates on activities at the show, follow on Twitter @coresecurity or on Facebook at


In addition to the Black Hat activities, CORE Security will be present at DEF CON, which follows the BlackHat event.  DEF CON is one of the world’s largest hacker conferences in the world and is being held in Las Vegas from July 26-29 at the Rio Hotel & Casino.

CORE Security consultant Martin Gallo will be presenting, “Uncovering SAP Vulnerabilities: Reversing and Breaking the Diag Protocol.” This talk is about taking SAP penetration testing out of the shadows and shedding some light into SAP Diag, by introducing a novel way to uncover vulnerabilities in SAP software through a set of tools that allows analysis and manipulation of the SAP Diag protocol. Additional details on Martin’s talk can be found here:

About Black Hat

Black Hat provides briefings and training to leading corporations and government agencies around the world. Black Hat differentiates itself by working at many levels within the corporate, government, and underground communities. This unmatched informational reach enables Black Hat to be continuously aware of the newest vulnerabilities, defense mechanisms, and industry trends. Black Hat Briefings and Trainings are held annually in Abu Dhabi, Barcelona, Las Vegas and Washington DC. Black Hat is produced by UBM TechWeb.

More information is available at


About CORE Security

CORE Security is the leading provider of predictive security intelligence solutions for enterprises and government organizations. We help more than 1,400 customers worldwide preempt critical security threats throughout their IT environments, and communicate the risk the threats pose to the business.  Our patented, proven, award-winning enterprise solutions are backed by more than 15 years of applied expertise from CORE Labs, the company’s innovative security research center. For more information, visit


CORE Security, CORE Impact, CORE Insight, CORE CloudInspect and CORE WebVerify are registered trademarks of CORE SDI, Inc. in the United States and/or other countries. All other organizations referenced within this document are trademarks and/or registered trademarks of their respective companies.

Wed, July 25