Core Security Extends IMPACT Product Line to Address Universal Demand for Comprehensive Security Testing


To Proactively Expose Vulnerabilities, Measure Operational Risk

and Assure Security Effectiveness, Core Security Now Offers

IMPACT Pro and IMPACT Essential

BOSTON, MA - August 4, 2008 - Core Security Technologies today announced a major milestone in its corporate and product strategy, positioning its proactive vulnerability management solutions to best serve the growing demand for security testing across the full range of organizational models and enterprise computing environments. To give users the greatest breadth and depth of testing options, Core Security has diversified its product line by introducing CORE IMPACT Essential. As part of this extension of its software solutions, Core is also announcing version 7.6 of its flagship product henceforth to be known as CORE IMPACT Pro, which will be delivered in September.

Collectively, the two products will now support a comprehensive set of enterprises and computing environments, delivering on the need for organizations to proactively expose vulnerabilities, measure operational risk and gain visibility into the efficacy of security mechanisms throughout their infrastructure.

“It’s clear that organizations have embraced security testing as a critical process for measuring the effectiveness of their security infrastructure and improving their ability to manage risk,” said Mark Hatton, CEO, Core Security Technologies. “Our ability to continue to adapt our solutions to the diverse needs of the marketplace and help companies stay ahead of threats in a proactive manner remains the strength of our company and our dedicated CoreLabs researchers.”

Charles Kolodgy, research director for secure content and threat management products at analyst firm IDC, anticipates that companies of all sizes and architectures are going to be actively assessing their overall security posture and proactive testing is one of the most effective methods to do so. He said, “Organizations need to be more aggressive about isolating their most significant risks and prioritizing their efforts around those problems, and testing allows you to do this quickly. CORE IMPACT Essential provides all organizations with a tool to assist them in effectively managing their vulnerabilities.”

One Size Does Not Fit All: Introducing CORE IMPACT Essential

With threats increasingly being tailored specifically to exploit the range of defensive mechanisms, the need for proactive security testing has likewise expanded to include every example of organizational structure.

While the CORE IMPACT Pro solution provides a fully comprehensive, customizable package of testing capabilities to address an organization’s entire IT and networking infrastructure across the broadest range of assets, CORE IMPACT Essential offers a strategic combination of simplified testing capabilities and automation designed to meet a targeted subset of testing needs.

CORE IMPACT Essential is the perfect security testing product to address the requirements of:

  • Large enterprises seeking to extend testing capabilities to branch offices.
  • Distributed enterprises with remote operations.
  • Smaller enterprises seeking to maximize vulnerability scanner results.
  • Computing environments with limited onsite IT expertise.
  • Organizations seeking to extend departmental testing capabilities.

“As a long time CORE IMPACT customer we’re excited to bring Essential onboard to augment our implementation of Pro and expand our use of proactive security testing to branch offices statewide,” said Robert Maley, chief information security officer, Commonwealth of Pennsylvania. “As with many organizations today, we have a broad range of IT assets distributed across a number of locations, and the combination of the two products will allow us to administer tests quickly and easily throughout all our different operations. Until now we’ve had to rely on the use of network scanners in many distributed locations, but they simply do not provide the same level of specific, actionable information that allows us to isolate and address pressing areas of risk that need to be addressed immediately.”

Maintaining Leadership: Introducing CORE IMPACT Pro v7.6

Along with adding CORE IMPACT Essential to its product line, Core Security is proud to announce the latest version of its flagship security testing software, CORE IMPACT Pro v7.6. Continuing in its predecessors’ footsteps as the most powerful, comprehensive security testing and vulnerability assessment package on the market today, and leveraging the industry’s only commercial-grade capability to analyze and measure exploitable risks across a broad range of platforms and potential threat vectors, v7.6 offers enhancements including:

  • IPv6 network support for organizations required to meet the June 30, 2008 deadline to have an IPv6-capable backbone.
  • A new Module Wizard that guides users through the process of creating templates for launching their own customized exploit modules.
  • Added support for the use of Pro’s open Python debugging tools to make the creation of complex custom modules easier and more efficient.

Other significant enhancements in v7.6 address the product’s web application testing capabilities including:

  • Detection of additional critical vulnerabilities that make possible the take-over of underlying server operating systems.
  • Improved management and presentation of discovered vulnerabilities for more efficient and thorough testing.
  • Improved cookie handling for easier testing of web applications that involve user authentication.

CORE IMPACT Essential is available immediately and CORE IMPACT Pro v7.6 will be available in September.

About Core Security Technologies

Core Security Technologies is the leader in comprehensive security testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk and assure security effectiveness. The company’s CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, email users and web applications against complex threats. All CORE IMPACT security testing solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at


Tim Whitman or Justin Drake    

Schwartz Communications

(781) 684-0770

Mon, August 04