• Products

• Products Overview

• CORE INSIGHT Enterprise
  Security Intelligence Solution
• Overview
• How It Works
• Dashboards
• Demos
• Data Sheets and White Papers
• Comparing CORE INSIGHT to CORE IMPACT
• How to Buy

• CORE IMPACT Pro
  Penetration Testing Software
  • Overview
  • What It Tests
    • End Users
    • Endpoint Systems
    • Mobile Devices
    • Network Devices
    • Network Systems
    • Web Applications
    • Wireless Networks
    • IPS/IDS, Firewalls and Other Defenses
    • Vulnerabilities Identified by Scanners
  • How It Works
  • Features and Benefits
    • Overview
    • Exploits You Can Trust
    • How Our Exploits Work
    • About Our Client-Side Exploits
    • About Our Agents
  • Vulnerability Scanner Integration
  • Reporting
  • What's New
  • Security Updates
  • Demos
    • Impact
  • Data Sheets, White Papers and Other Resources
  • Intro To Penetration Testing
    • What Is Penetration Testing?
    • Comparing Security Testing Options
    • What To Look For
    • Independent Penetration Testing Resources
    • Conducting Penetration Tests
  • Comparing CORE IMPACT to CORE INSIGHT
  • Training, Certification and Support
  • How to Buy

• Core WebVerify Web
  Application Security Testing Software
  • Overview
  • Web Application Vulnerability Coverage
  • WebVerify vs. Scanners
  • Reveal Implications of Application Vulnerabilities

• Core CloudInspect Cloud Security Testing for AWS

• Demos and Evaluations

• The Research Behind Our Products

• Why Our Products are Safe

• How to Buy

SHARE

How CORE INSIGHT Security Testing and
Measurement Works

CORE INSIGHT follows a seven-step process to continuously identify real-world threats to your critical assets.

Step 1: Environment Profiling

• Tell INSIGHT about your environment topography, for instance:
  • Import info from your network asset mgt solution or network / web scanner
  • Provide a range of IPs
  • Provide a range of web application URLs
  • Provide a list of end user email addresses

Step 2: Campaign Definition

• Define the goal of the INSIGHT assessment campaign (e.g., access a specific customer database).
• Define the scope of systems to be tested (e.g., a specific subnet).
  • Define which systems are in and out of bounds for the campaign
  • Optionally, delegate campaigns to IT staff who own the systems, web app developers, etc.
  • Establish the campaign schedule (e.g., once, daily, weekly, etc.).

Step 3: Attack Path Planning and Simulation

• INSIGHT profiles systems defined by the campaign and identifies potentially vulnerable systems.
• INSIGHT’s attack planning algorithm combines knowledge of system profiles with GPS-like intelligence to determine most likely path(s) to achieve the campaign goal.
• INSIGHT weights potential paths based on exploit efficacy, leveraging CORE IMPACT’s usage statistics and our unique research and field expertise.

Step 4: Attack Replication

• CORE INSIGHT’s Exploit Engine replicates an attacker’s attempts at compromising systems along the paths.
• Can target web applications, network systems, endpoint systems and end users (via phishing).
• All exploits are commercial-grade, developed in-house, and repeatedly updated, QAed and tested.
• Product receives 20-30 new exploits and other modules per month.

Step 5: Adaptive Path Adjustment

• Uses GPS-like intelligence to adjust and recalculate Attack Paths as it attempts to compromise systems, like an attacker would.
• Stays “in bounds” as defined in the campaign.
• Only tests calculated attack paths
• Less disruptive than scanning
• Stealthy attacker behavior

Step 6: Infrastructure Change

• Newly deployed systems that fall within the scope of a campaign (e.g., and IP range) can automatically be tested the next time a campaign is run.
• Ensures that security tests keep up with your changing environment

Step 7: Dashboard / Reporting

• Details real potential for breach of critical assets with no false positives.
• Shows where defenses stop attacks.
• Reveals exposures to attacks that combine different techniques and vectors.
• Details attack paths and penetration points for remediation planning.