One of the most valuable features of Core Impact Pro is its ability to arm users with the actionable data that they need to drive ongoing IT vulnerability and security management operations. From generating detailed vulnerability exposure details that allow organizations to target remediation efforts, to providing IT and security managers with metrics that illustrate how well their layered point solution defenses are working – or whether they’re compliant with various industry regulations, Core Impact Pro’s onboard reports deliver the powerful information that organizations need to address their most significant weaknesses and help minimize risks.
- Wellness Report
A comprehensive report that reflects the depth of testing required to return the completed testing results. The Wellness Report details all exploits attempted - not just successful exploits.
- Executive Summary Report
A single-page, high-level summary of penetration testing activities and results in a visual format that both IT and business users can understand.
- Attack Path Report
Presents a powerful visual representation of the manner in which tests are able to exploit individual vulnerabilities and achieve subsequent access to other systems and applications.
- PCI Vulnerability Validation Report
The PCI Vulnerability Validation Report provides results of penetration testing performed with the goal of remaining compliant with the Payment Card Industry (PCI) Data Security Standard.
- FISMA Vulnerability Validation Report
Provides results of penetration testing performed by government entities and other organizations working to remain compliant with the Federal Information Security Management Act of 2002 (FISMA).
- Delta Report
Synthesizes a wide range of various testing results to give organizations an integrated view into vulnerabilities resident across a range of different assets, including network systems and client systems.
- Trend Report
With the Trend Report, Impact Pro users can track data from up to 52 penetration tests over time, graphically representing changes in an organization’s security posture as exploitable vulnerabilities are identified, remediated and re-tested.
- Web Application Vulnerability Report
Provides comprehensive information about every security flaw that can be successfully exploited during penetration testing, including those available to SQL Injection, Cross-Site Scripting and Remote File Inclusion attacks.
- Web Application Executive Report
Provides summarized information of every vulnerable web page found during testing and how those problems can be exploited by real-world attackers.
- Activity Report
Offers a detailed log of all testing activity that is being carried out, including the relevant data that organizations might need to share with auditors reviewing their security programs.
- Host Report
Provides Impact Pro users with precise details regarding how their systems and applications can be compromised via real-world hacking or malware attempts.
- Vulnerabilities Report
Provides Impact Pro users with specific details about all the weaknesses successfully exploited during penetration testing and how those flaws can be used by attackers to obtain control of a tested system and establish a beachhead for subsequent activity.
- Client-Side Penetration Test Report
Provides detailed results of assessments performed on endpoints and end users, including information about any social engineering tactics utilized to trigger tests.
- Client-Side User Report
Helps organizations understand exactly how well their end users stand up to social engineering attacks involving both e-mail and Web-based delivery models, including spear phishing assessments.
- Discovered Identities Report
With the ability to perform large scale patching of environments becoming easier, attackers are switching to the attempted use of default and common identities to gain authenticated access to targeted systems. This report represents the ability for the attacker to leverage identities in this targeted environment.
- Wireless Penetration Test Report
Details wireless networks discovered, client-to-access point relationships, and access point profile information. Also includes information about which networks were tested against attacks, which where successfully compromised, and which weaknesses allowed the compromise.
- Mobile Device Reports
Records information on all mobile devices accessed during testing.
- Network Remediation Validation Report
This report shows the effectiveness of the mitigation effort applied following the risk assessment of a network.
- Webapps Remediation Validation Report
This report shows the effectiveness of the mitigation effort applied following the risk assessment of web applications. A retest of each originally identified and reported risk factor was performed and this report illustrates any vulnerabilities that were still found to be present on the environment that was tested.