I am contractually obligated to write a year in review post, as are most of the bloggers at this time of year. Fortuitously, as I looked back over 2011, there were plenty of things to write about. As the curse goes, we lived in interesting times over the course of 2011.
Organized attacks, something us (we?) in the industry knew had been happening for quite some time, became front page news when the folks behind them used the results of those attacks to publicly shame companies and try to drive their own agenda. As a result it’s become a little easier to demonstrate that security spending is not the same as setting fire to money. All this brought a slight feeling of Schadenfreude, as we were able to use the examples of well-known major breaches as justification for our efforts.
My point of view literally matches that of my product (Core Impact Pro). That is, the point of view of the people who spend their days concerned about how attackers might breach corporate - and in some cases national - digital boundaries and attempt to cause mischief. To further help accurately assess the level of security, we released v12 of Impact, where we extended our Network, Client Side, Web App, WiFi and Network Routers/Switches testing to also include the ability to test mobile devices.
As I type "version 12" it makes me think beyond this one year to the entire journey of the Impact product; it has long been an exciting time developing and growing the product as the security industry has evolved and matured alongside it. Work began on Impact in 2001 (simple math: 2011 marked the 10th year of its development) and since its inception the goal has been to provide our customers with the ability to perform the same actions that attackers take when targeting a network, including:
- Exploiting a buffer overflow in an exposed service
- Targeting users inside a network via email attacks
- Using SQLi and other web application vulnerabilities to pivot into a network
- Brute-forcing credentials to gain unauthorized access to systems or exploiting
- Harvesting data from mobile devices.
I did some digging to demonstrate the growth of Impact over the past few years and was impressed by the growth in the number of updates we have issued – from 82 in 2004 to almost 400 this year. By updates I mean continuous releases that include an ever-expanding library of commercial-grade exploits vs. a major release with new features and functionality.
One of the exciting parts of living in the security space is the fact that it is not constant. If you want to take a break from the constant need to learn new techniques and paths of access to critical data - you either have to leave the industry, or join middle management. As the person looking after a key product in this space I enjoy the race to understand if the new buzz in the twittersphere is something relevant to consider adding, or simply just noise that will pass in a few days.
Just like every year since 2004 when I joined Core, this past year has reminded me once again that we are always keeping pace with the needs of the security community. I am proud of that and we will continue to do this in 2012 and remain the best destination for security testing.
- Alex Horan, CORE IMPACT Product Manager