Core Security Technologies Extends Automation of Penetration Testing<br>With Release of CORE IMPACT 3.0

Core Security Technologies Extends Automation of Penetration Testing
With Release of CORE IMPACT 3.0

Expedites Assessment of Security Risk in Complex IT Environments

Boston, MA – April 15, 2003

– Core Security Technologies today announced CORE IMPACT™ 3.0, the newest release of the revolutionary penetration testing framework for complex IT environments. Designed to replace expensive, time-consuming manual penetration testing with state-of-the-art automated penetration testing and to go beyond the results of vulnerability scanners, IMPACT enables real-world attacks on IT assets and presents analysis of information security risks in one comprehensive application. IMPACT 3.0 features new functionality focused on maximizing productivity by allowing experienced penetration testers to perform tests rapidly and by accelerating the learning process for less experienced information security professionals. Among the many new features are: a macro-building capability for automatic sequencing of modules; client-side exploits to leverage vulnerabilities on the workstation; and several productivity enhancements such as dynamic filters, a file browser and shortcuts on the Context Menu. IMPACT 3.0, which streamlines the process of penetration testing by replacing tedious, manual methods with professional grade software, is available immediately.

Key new features in CORE IMPACT 3.0 include:

- Macro-building capability. Penetration testers can now build macros that sequence modules, and the results of one module can trigger the next appropriate module automatically.

- Client-side Exploits.
Penetration testers can now compensate for the typical server-side focus of manual pen tests by using new exploits to pinpoint software risks on workstations.

- Automatic Updating of Modules. Penetration testers can receive automatic updating of modules and exploits, along with product updates, from the IMPACT 3.0 menu, ensuring that they are always up-to-date with the latest in professionally developed tools for assessing security risk.

- Scalability for Enterprises. Penetration testers can design tests that attack over 10,000 targets in their IT environment, as verified in beta tests in enterprise networks.

“CORE IMPACT is the culmination of our six years’ experience providing penetration testing services and building analysis tools for customers,” said Max Caceres, Product Manager for IMPACT. “The 3.0 release is squarely aimed at meeting our customers’ need to deploy their personnel wisely on information security analysis and cut costs. IMPACT 3.0 leverages personnel by offering both a GUI for junior staff and advanced functionality for programmer types, but yields actionable results that the whole IT organization can use for decision support in prioritizing security risks CORE IMPACT has exposed. By delivering this value to our customers, IMPACT 3.0 eliminates any reason for penetration testers to continue the inconsistent and time-consuming practice of manual penetration testing.”


CORE IMPACT 3.0 is available immediately. For more information or to see a demo, please contact Core Security Technologies at 617-399-6980 or at

About Core Security Technologies
Core Security Technologies develops strategic security solutions for Fortune 1000 corporations, government agencies and military organizations. The company offers information security software and services designed to assess risk and protect and manage information assets. Headquartered in Boston, MA, Core Security Technologies can be reached at 617-399-6980 or on the Web at

# # #

Tue, April 15