By Matt Hines
August 14, 2006
Core Security Technologies released an update to its penetration-testing automation software on Aug. 14, promising to help companies more effectively test their networks for potential security loopholes.
Dubbed Core Impact 6.0, the product boasts a completely retrenched applications framework that the vendor claims will greatly improve the efficacy and ease of use of its tools.
The rebuild is centered on a new version of the software agent that carries out the penetration testing itself. Core says the agent is capable of recreating the most sophisticated attacks on the security landscape without actually altering or damaging the systems it is being run on.
One of the major steps forward in the release, according to Core executives, is the product's addition of penetration testing for so-called client-side applications, such as Web browsers, spreadsheets and multimedia players, which have become the focal point for many emerging IT security attacks.
"There have been a number of high-profile incidents such as the MySpace compromise that have targeted client-side weaknesses to deliver their payloads, and attackers are only going to increase their focus on these types of threats because the vulnerabilities are so easy to exploit," said Max Caceres, director of product management at Core, in Boston.
"At the same time, the vulnerabilities in endpoint security tools are becoming harder to control, so there's a definite need for more penetration testing in general," Caceres said.
Other new features include database tools that let the product store information related to the client-side aspects of a penetration test, including any involved contacts, e-mail addresses and host information.
Another addition is a revamped user interface with a new "generic" view that can be used to search the product's database and organize data about scans in user-created folders, which the company said would speed users' access to test results.
Core also added support for Apple Computer's Mac OS X operating system, as the platform is becoming more widely used in businesses and is also the subject of a larger number of emerging attacks.
Charles Kolodgy, an analyst with IDC, based in Framingham, Mass., said Core's approach remains unique as the market for penetration testing continues to mature, which could help Core Impact find a home with more customers. By having tools in-house with which to complete the work typically left to outside auditors, companies can ensure that the everyday changes they make to their networks don't result in serious vulnerabilities.
Another selling point that may appeal to users is the ability to test the status of other security technologies using Core Impact, according to the analyst.
"It seems like there's some interest among customers in automating some of these responsibilities," Kolodgy said. "The issue that people have is that when they're doing pen testing as a service, the expertise isn't with you all the time, but their environment is changing all the time with new devices and applications; having your own tool to do testing constantly, rather than waiting for audits, is an idea that some companies may adopt."