PENETRATION TESTING is a standard method for evaluating an organization's network security posture. These assessments can be performed from the standpoint of a malicious insider on the corporate network or a malicious outsider trying to compromise systems from the Internet. Some organizations perform these tests internally, but most hire outside consulting firms.
In either case, because there is no standard method of performing a penetration test, the quality of the results depends to a great extent on the knowledge and skill of the penetration testers on the job that day. Core Security Technologies has addressed this problem with Impact, a penetration testing framework that allows organizations to share knowledge and provide consistency across testing engagements. Its ease of use, innovation, and flexibility earned it a Deploy rating in our tests.
(...)
Impact is a revolutionary product that could be just what network managers need to formalize penetration tests, providing exploit code, detailed logging and reporting, as well as easy cleanup. Any organization consistently performing penetration tests should consider using this product.
Complete article >> http://www.infoworld.com/articles/ne/xml/02/06/17/
