Yesterday, we here at CORE announced a major enhancement to our CORE Insight™ Enterprise solution, with the launch of Insight 3.0. Here are some of the highlights that we announced in yesterday's press release. A recent report from Forrester® Research stated: “To say that the threat landscape is overwhelming is the understatement of the year. Targeted attacks are on the rise with increasing sophistication, and our detection and response capabilities are woefully inadequate. Advanced persistent threats, espionage, spear phishing, and disrupted denial of service attacks dominate the headlines.”1 That same report observed: “Managing vulnerabilities and threats is the No. 2 priority for S&R (Security & Risk) professionals, and the changing/evolving nature of threats is the top security challenge organizations face.” 2 As the Forrester report suggests, today’s attacks on organizations are much more likely to be targeted, stealthy and slow-moving. Vulnerability scanning, virus signatures and firewall rules – even when paired with layered security architectures and consultants to fine tune configurations – rarely close the gap. Business leaders, IT and security stakeholders need to know what’s happening, why it’s happening and what actions to take. They want a single “view” that provides real-time intelligence into their risk posture. Insight 3.0 provides advanced capabilities for a variety of requirements. For customers who have found that their current threat and risk management programs have come up short in their ability to identify meaningful IT risk at the decision maker and business level, Core Insight adds Predictive Security Intelligence technology to map a warehouse of security data to actionable risk information. CORE Insight correlates vulnerabilities, network topographies, and cyber-attack expertise to identify high-probability exposures and attack paths to the assets identified as critical—by the company. This unique combination allows security experts to prioritize and remediate the threats that are most likely to compromise critical assets. Using the intelligence that Insight delivers, organizations can focus resources most efficiently on the high-probability threats. Insight’s advanced reporting capabilities deliver consistent measurement on operational risk at both the executive and technical levels.
For customers that are looking to consolidate their vulnerability scanning, web scanning, pen testing, and threat/risk analysis programs into a single, unified solution, Insight 3.0’s Intelligent Vulnerability Management capabilities will help streamline and refine existing vulnerability management processes. Traditional vulnerability management is a cyclical practice of identifying, classifying, remediating and mitigating vulnerabilities. For most organizations this practice produces overwhelming amounts of data that is nearly impossible to prioritize and substantiate effectively, or with any consistency, using existing IT security resources or budgets. This commonly results in gaps that create risk and leave an organization vulnerable to attack. CORE Insight 3.0 helps to solve this issue by consolidating, analyzing and prioritizing the overwhelming amounts of security data. Insight delivers in-depth analysis of this data to accurately identify attack paths, based on known vulnerabilities and exploits, which can be used to compromise network assets. Insight captures this data to identify the actual vulnerabilities which in turn allows security personnel to remediate the identified network assets far more efficiently. This knowledge allows for better patch management and security resources are used more efficiently and cost-effectively. Insight’s reporting dashboard delivers customized reports based on the user’s role, executive to technical, and helps to answer the question: “How secure is my organization?” Insight/Impact Integration Insight 3.0 also features the full integration of CORE Impact, the industry’s leading penetration testing solution. Once an exploit is validated with CORE Insight, threat simulation scenarios can be fed to CORE Impact for targeted, live exploit testing and layered defense investigation. Deeper ‘what-if’ analysis findings can then be worked back into CORE Insight for risk analysis and modeling, operational qualification and reporting. This integration adds proven Impact functionality to Insight and offers a “closed-loop” process for identifying and remediating exploits. “With today’s constantly-evolving threat landscape, security professionals and business leaders don’t need more security-related data, they need more security intelligence applied to that data. While existing vulnerability management solutions have delivered what they can, they fall short when it comes to analytics and intelligence,” said Milan Shah, senior vice president of products and engineering at CORE Security. “With the delivery of Insight 3.0, we are providing a solution that streamlines the entire vulnerability management lifecycle –prioritizing and reducing risk in context of business, regulatory compliance and operational metrics that allows different types of users to get the available information they need quickly. The integration of Insight and Impact is also a huge step forward, as CORE and the industry moves to more consolidated solutions to deliver security intelligence.”