Core
» +1 (617) 399-6980   » info@coresecurity.com    » Home    » Contact Us
 

CORE IMPACT PRO OVERVIEW

Replicate Cyber Attacks and Reveal Critical Exposures with Comprehensive Penetration Testing Software

CORE IMPACT Pro is the most comprehensive software solution for assessing the security of web applications, network systems, endpoint systems, email users and wireless networks. Backed by Core Security’s ongoing vulnerability research and leading-edge threat expertise, IMPACT Pro allows you to take security testing to the next level by safely replicating a broad range of threats to your organization’s sensitive data and mission-critical infrastructure. With IMPACT Pro, you gain extensive visibility into the cause, effect and prevention of sophisticated data breaches, enabling you to drive efficient risk mitigation enterprise-wide.

Click above to see how CORE IMPACT Pro answers critical questions about your IT security posture.

Gain Unmatched Visibility into Your Security Posture

CORE IMPACT Pro is the only penetration testing software that allows you to see your network, endpoint, email-user, web application and wireless security as an attacker would. With IMPACT, you can:

  • pinpoint exploitable OS and services vulnerabilities in network and endpoint systems
  • measure end-user response to phishing, spear phishing, spam and other email threats
  • test web application security and demonstrate the consequences of web-based attacks
  • identify at-risk wireless networks, crack encryption codes, and trace attack paths from initial points of wireless exposure to backend resources
  • distinguish real threats from false positives to speed and simplify remediation efforts
  • configure and test the effectiveness of IPS, IDS, firewalls and other defensive infrastructure
  • confirm the security of system upgrades, modifications and patches
  • establish and maintain an audit trail of your vulnerability management practices
  • schedule tests to run automatically on a recurring basis

IMPACT gives you the information you need to effectively secure customer records, financial data and intellectual property. This helps to protect your organization´s reputation, maintain network stability and productivity, and ensure compliance with industry and government regulations.

Integrate Penetration Testing Across Enterprise Systems and Applications

CORE IMPACT Pro enables you to perform frequent, realistic and effective penetration testing throughout your enterprise. After first identifying and validating any vulnerabilities that provide unauthorized access to your network, IMPACT Pro takes the testing process a step further by emulating multistaged attacks that pivot between network systems, endpoints, web applications and wireless networks to access your organization’s most valuable information and resources.

IMPACT enables you to safely assess an organization’s security posture against the top four attack methods that jeopardize data today:

  • penetration of network defenses via exploits designed to compromise vulnerabilities in server operating systems and services, as well as client applications that run on desktop systems
  • deception of employees, contractors and other end users via email-based social engineering attacks, such as phishing and spear phishing
  • manipulation of web applications to access backend data via cross-site scripting (XSS), SQL injection and remote file inclusion techniques
  • cracking of encryption codes to join wireless networks and target backend network resources with localized attacks

The product’s unified interface provides a consistent methodology for replicating data breach attempts that spread among these attack vectors. For instance, IMPACT can replicate an attack that initially compromises a web server or end-user workstation and then propagates to backend network systems. Only IMPACT allows you to utilize penetration testing to assess your information security in such an integrated, comprehensive, in-depth and seamless fashion.

Pinpoint security exposures with a proven Penetration Testing methodology

Whether you use the software’s One-Step Test modules, its automated Rapid Penetration Test (RPT) capabilities, or its in-depth manual testing features, IMPACT Pro enables you to conduct network, endpoint, web application and wireless penetration tests in a consistent and repeatable way. The result is a structured, deliberate penetration testing program that uses benchmarking and measurement to demonstrate the progress of your ongoing vulnerability management initiatives.

You can leverage the CORE IMPACT Pro to frequently, accurately and cost-effectively test:  

  • Server and desktop operating systems and critical OS services
  • Endpoint applications (e.g., web browsers, email readers, instant messaging, media players, business applications, productivity tools, etc.)
  • Endpoint security solutions (e.g., antivirus, anti-phishing, anti-malware, host-based intrusion detection and prevention systems, etc.)
  • End-user awareness of phishing, spam and other social engineering attacks
  • Web applications (e.g., e-commerce, online banking, customer self-service applications, ERP solutions, etc.)
  • Wireless encryption codes (e.g., WEP, WPA-PSK, WPA2-PSK)
  • IDS, IPS, firewalls and other network security solutions
  • Vulnerability scanner results and remediation system effectiveness
  • Security policies and compliance processes for various regulations (e.g., PCI, GLBA, SOX, HIPAA, etc.)
Focus your resources and gain confidence in your security posture

By enabling you to validate network vulnerabilities, end-user threat response, web application exposures, and wireless encryption on a regular basis, CORE IMPACT Pro gives you confidence that your security infrastructure and policies are performing as required. Rather than simply identifying potential threats, you methodically and safely launch real-world attacks that:

  • positively distinguish critical network vulnerabilities from false positives
  • identify exactly where your organization is at risk from social engineering threats, such as phishing, spear phishing and spam
  • validate security exposures in web applications and determine where application code should be improved
  • reveal wireless networks and expose weaknesses in wireless security protocols
  • combine network, client-side, web application and wireless tests to replicate multistaged attacks

As a result you can intelligently plan, prioritize and execute remediation efforts and policy adjustments – ensuring cost-effective use of security and development resources while improving your overall security posture.

Solutions | Products and Services | CoreLabs | News and Events | Partners | Company
Core Security Technologies © 2010 All rights reserved       Disclaimer     Privacy Statement