Think Like An Attacker™ technology uses advanced analytics to identify and prioritize vulnerabilities for remediation
Boston and Las Vegas – August 6, 2014 – Core Security®, a leading provider of attack intelligence solutions, today announced the latest version of the Core Attack Intelligence Platform. The patented technology surpasses traditional vulnerability management solutions by consolidating, prioritizing and validating the overwhelming quantity of vulnerabilities identified by scanners. Narrowing the list of critical vulnerability data by up to 90 percent allows security teams to focus remediation efforts on the most critical business risks, significantly improving their efficiency and overall security posture.
The Core Attack Intelligence Platform helps security professionals Think Like An Attacker™ by combining the capabilities of Core Security Consulting Services, Core Impact Pro and Core Insight. Backed by more than 15 years of applied expertise and focus on attacker behavior, Core’s patented attack path planner enables security professionals to associate known threats, vulnerabilities and attack patterns with security and network data to identify potential attack paths to critical business assets – narrowing the scope from what is possible to what is most likely.
“The Core Attack Intelligence Platform helps us cut through the noise, identify the most significant vulnerabilities and take risk-appropriate action,” said James Manint, chief information security officer at CB&I. “It paired seamlessly with our existing infrastructure. We’re still using our scanners, but we’re no longer overwhelmed by thousands of vulnerabilities after every scan. We’re focused on closing gaps where it matters.”
Analysts agree that organizations need to improve their ability to focus on the most important threats to ultimately lower their security risk. According to Forrester Research, Inc. “Security must do a better job of detecting, prioritizing, and addressing vulnerabilities in the environment to prevent security incidents in the first place".¹
“Many of our public sector customers are performing basic vulnerability management but are unsure where to focus their limited resources among a growing volume of data,” says Michael Shrader, vice president of Intelligence and Innovative Solutions at Carahsoft Technology Corp. “Through our partnership with Core, we are able to offer our customers and reseller partners a solution that identifies critical vulnerabilities to patch, focusing their efforts, and giving them greater confidence in their overall security posture.”
What’s New in the Core Attack Intelligence Platform:
Expanded and Configurable Attack Path Planning - Attack path planning is expanded to include private, theoretical, virus and malware exploits in addition to Core Security and Metasploit exploits. The attack path planning results can be customized using various filters such as network connectivity, location, and potential business impact to help organizations prioritize known attack paths according to their own risk criteria.
Distributed Penetration Testing - Organizations that are distributed across geographic locations are now able to execute penetration tests from a remote location, no matter where the target system resides, eliminating the need to be physically present to perform validation tests.
Protection against the Consumerization of IT – The Core Attack Intelligence Platform added enhancements to two major vectors affecting IT: mobile and Wi-Fi. The new platform provides an Android agent and also offers support for Wi-Fi Pineapple Mark V devices, enabling customers to exploit mobile vulnerabilities, as well as execute more sophisticated man-in-the-middle attacks.
“The threat landscape is constantly evolving. Without the proper intelligence and analytics, it would be impossible for any company to keep up,” said Mark Hatton, president and CEO of Core Security. “With the Core Attack Intelligence Platform, they can stay a step ahead. We take great pride in helping these organizations meet their vulnerability management goals while reducing their administrative overhead. When we reduce their security worry, they can focus on what they do best – serving their customers.”
For additional information on the Core Attack Intelligence Platform, please visit www.coresecurity.com/products.
About Core Security
Core Security provides the industry’s first comprehensive attack intelligence platform offering advanced analytics to prioritize, validate and ultimately eliminate security threats. With Core Security, enterprises and security professionals focus on the most likely threats to their business by modeling, simulating and testing the actions of an actual attacker. Core Security helps more than 1,000 customers worldwide identify the most vulnerable areas of their IT environments in order to improve their remediation efforts and better secure their business. The Company's patented, proven, award-winning enterprise products and solutions are backed by more than 15 years of applied expertise from CoreLabs research and Core Security Consulting Services. For more information, visit www.coresecurity.com.
Core Security, Core Impact Professional, Core Insight Enterprise, Core Secured, and CoreLabs are registered trademarks of Core SDI, Inc. in the United States and/or other countries. All other registered or unregistered trademarks are the sole property of their respective owners.
¹”Defend Your Data From Cyberthreats With A Zero Trust Network”, Forrester Research, June 11, 2014