Core Security Technologies Releases Version 3.3 of Leading Penetration Testing Product CORE IMPACT

Core Security Technologies Releases Version 3.3 of Leading Penetration Testing Product CORE IMPACT

Professional Grade Penetration Testing Product Reveals Exactly How an Attacker Can Get Control of Valuable Information Assets

BOSTON, MA: December 4, 2003 – Core Security Technologies, provider of CORE IMPACT, the first-to-market penetration testing product for assessing specific information security risks, announced the release of CORE IMPACT Version 3.3.

CORE IMPACT allows any network administrator or security engineer to safely and efficiently exploit vulnerabilities within a network, replicating the kinds of access an intruder could achieve. CORE IMPACT makes it easy to perform a penetration test and precisely identify compromisable network assets.

CORE IMPACT Version 3.3 includes a variety of enhancements. This update includes support for Windows XP and WinPcap 3.0, as well as updated modules and exploits. Additionally, CORE IMPACT Version 3.3 includes several performance improvements and an improved memory management scheme.

“We feel that with these enhancements we are better able to meet the needs of our rapidly growing customer base,” said Max Caceres, Product Manager for CORE IMPACT. “With CORE IMPACT, security professionals no longer have to choose between theoretical tests or expensive consultants. Users can now easily, efficiently and cost-effectively assess the real threats to their network information assets.”

Identify the Real Risk to Your Organization With CORE IMPACT:
· Allows organizations to safely mimic real-world attacks by running exploits against a target network
· Conducts all testing procedures methodically in one visual software package
· Comprehensively removes all evidence of the testing process without altering or affecting system.
· Reduces the cost of the critical but previously manual and expensive penetration testing process
· Eliminates false positives. IMPACT reports precisely where a network could be penetrated, the associated security risks
and provide precise information so immediate corrective action can be taken
· Tests for external and internal vulnerabilities, including those that relate to how network components work together

Additional CORE IMPACT Version 3.3 Features and Benefits

CORE IMPACT is designed to replace expensive, inconsistent manual penetration testing with a professional, state-of-the-art automated penetration testing product. CORE IMPACT goes beyond vulnerability scanners by enabling real-world attacks on IT assets and presenting analysis of information security risks in one comprehensive application. CORE IMPACT is the only penetration testing product for IT personnel who must efficiently assess the specific threats to their organization. In version 3.3 of CORE IMPACT, users will find new and updated:

Exploits, Modules and Kernel: CORE IMPACT 3.3 has added several modules to this release, including the Exchange XEXCH50 (CAN-2003-0714), MSRPC DCOM Heap Corruption (CAN-2003-0715) and OracleDB Apache Chunked Encoding overflow (CVE-2002-0392) exploits. For detailed information on these specifics please go to:

Improved Memory Management Scheme: Memory is now handled more efficiently for modules that create a large output report.

User Interface: IMPACT 3.3 now has an augmented GUI.

CORE IMPACT 3.3 is available immediately. The number of targets requiring testing determines the cost. For pricing information please call 617-399-6980 or email us at

About Core Security Technologies
Core Security Technologies develops strategic security solutions for Fortune 1000 corporations, government agencies and military organizations. The company offers information security software and services designed to help customers easily and efficiently assess their specific information security risks. The company’s penetration testing software products are complimented by consulting services that include penetration testing, software security auditing, and related training. Headquartered in Boston, MA, Core Security Technologies can be reached at 617-399-6980 or on the Web at


Thu, December 04