by Richard Walker
At one major federal agency, officials are letting their security techies do just that. "Given the fact that we're such a small group, we need to be dynamic and creative," said a security executive at the agency, who asked not to be identified, citing security considerations.
Using Core Impact Pro, penetration testing software from Core Security Technologies, the agency's security team is able to replicate attacks across networks, Web applications, end-user systems, wireless networks and network devices in its security lab. Because the tool automates the process, only three security specialists are needed to conduct penetration testing of the agency's 7,000 IT assets.