Blog
Blog

8 Tips for Penetration Testing

Wed, 05/27/2020
You think that you're safe, that your network is secure, that your firewalls are protecting you...but how will you know if you don't test it? A penetration test, or pen test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities. You may have also hear the term "Red Hat" or "White Hat" when it comes to testing because, while they are trying to...
Penetration Testing
Blog

Core Ready to Put On its Black Hat

Wed, 05/27/2020
Core Security has more going on at Black Hat USA in 2009 than ever before, with the concept of helping customers improve their overall security standing at the center of everything we plan to do. It’s hard to believe that an entire year has passed since the ethical hacking community last convened amid the neon lights and desert sands of Las Vegas for the annual Black Hat convention, but here we...
IT Security
Blog

When to Revisit a Cybersecurity Plan

Wed, 05/27/2020
We are a full three months into 2017 and hopefully you’ve remained unscathed. Have you had some things on your “to-do” list that just haven’t happened? Or maybe something didn’t work or produce as much of a “punch” as you were hoping it would? Maybe some things have served your company far better than you thought—like putting a company-wide security training in place paired with password reset or...
Threat Detection
Data Security
Blog

How to Mitigate Data Breaches in Healthcare IT

Wed, 05/27/2020
What once was only science fiction is now our reality, anything and everything can be hacked. For healthcare providers, ‘anything’ includes not only patient records and claims information, but sentient things like drug pumps and pacemakers. In addition, healthcare has operational functionality that make this space particularly challenging. The mobility challenge is particularly unusual because the...
Blog

Why You Should Pen-Test Your Applications

Wed, 05/27/2020
If testing your antivirus program or other applications sounds silly, then consider this your wake-up call. Just because you’ve bought something to protect your services, doesn’t mean it’s a surefire way to protect your data. System applications, embedded applications, games and more are not invincible either. It’s safe to assume that the protection services you have in place have loopholes that...
Penetration Testing
Blog

Students Safely Using Devices on Networks: Home, School and Business

Wed, 05/27/2020
The integration of technology in classrooms has changed school environments tremendously. It seems as if each year at earlier ages, students are more comfortable using a tablet than putting pen to paper. However, there’s more to be concerned with than kids growing up with poor penmanship. As we all know in the world of cyber security, no one is exempt from being the next victim of an attack. What...
Blog

How Pen-Testing Protects Your Federal Agency

Wed, 05/27/2020
It seems as if government agencies, both locally and nationally, are making headlines for mostly the wrong reasons these days. From scandals to breaches and cybersecurity this has become such a sensitive subject within the past year that these events have left most folks feeling even more on edge. As stated by Thales Data Threat Report, within the past year alone, 33% of government agencies...
Penetration Testing
Blog

How Penetration Tests Protect Your Retail Business

Wed, 05/27/2020
Retail is arguably the leader in terms of the most financial transactions executed in an industry. With that in mind, the retail industry also makes up 8% of all data breaches. It may feel nerve-racking to both work and participate in such a risk dense environment. However, if you have the right security measures in place and remain aware of other’s security breaches and best practices you may be...
Penetration Testing
Blog

Horrible Mistakes You're Making With Pen-Testing Pt. 2

Wed, 05/27/2020
We’ve let you in on some of the not-so-secret mistakes people make with pen-tests last week in "Horrible Mistakes You're Making With Pen-Testing Pt. 1" and we’re continuing with that theme today. There are more potential mistakes and we want to make sure you’re aware of them in order make your pen-tests successful. Read on and stay tuned to see just how many there actually are!Horrible Mistake #3:...
Penetration Testing
Blog

Horrible Mistakes You're Making With Pen-Testing Pt. 1

Wed, 05/27/2020
For some, running a pen test is merely something to do to pass a compliance check for the year. However, there are many more benefits than just adhering to a precedent set out before you. If done correctly – correctly being the main emphasis here – you should already know of the added benefits pen-tests have towards maintaining a healthy security posture. If you feel like you could improve even...
Penetration Testing
Blog

Thoughts from Black Hat and Defcon

Wed, 05/27/2020
Getting home from what we affectionately call Security Summer Camp is almost as much of an adventure as attending the conferences. Getting caught in the Deltapocalypse on the way home just added to the fun. If you want a real challenge, try seeing your way onto earlier flights during a system-wide meltdown of a major legacy carrier.
Blog

Obligatory Java “zero-day” Blog Post

Wed, 05/27/2020
When my mother emails to ask if she should be worried about the Java vulnerability the saw on the news, you know a security issue has gone mainstream. And it seems you cannot be a security company without having a blog warning of the dangers presented by the Java exploit.
When to Use a Pen Test Versus Vulnerability Scan
Blog

When to Use a Pen Test Versus Vulnerability Scan

Wed, 05/27/2020
Penetration testing versus vulnerability scanning. It all sounds the same or does the same thing, doesn’t it? Mistakenly, these terms are often used interchangeably even though there are some fundamental differences. Here we will distinguish the two and help you see what value each could bring to your business. What to Expect in a Pen Test A penetration tester has the goal of getting through...
A New Way of Thinking About Vulnerability Management
Blog

A New Way of Thinking About Vulnerability Management

Wed, 05/27/2020
How do you look at vulnerability management? We’ve seen several blogs on this topic in the past month and even a webinar with one of our security consultants but the truth is that everyone looks at this issue differently. From scanning and assessments to prioritization and patching, vulnerability management is a lot of different things but it is not and never should be seen as: Just a list of...
Penetration Testing
Red Team
4 Steps to Building a Vulnerability Management Program
Blog

4 Steps to Building a Vulnerability Management Program

Wed, 05/27/2020
Day after day we hear stories of companies being breached because of vulnerabilities in their systems. While some of these vulnerabilities may be new, the majority of breaches are caused by vulnerabilities that have had a patch available for weeks, months, even years but are left unpatched. If you know that there are vulnerabilities on your network, why wouldn’t you patch them immediately? Simply...
Threat Detection
Blog

Navigating Your Vulnerability Management Program

Wed, 05/27/2020
OK, I admit it. I use GPS to navigate some routes I’ve driven at least a hundred times. It’s a relief to hear that robotic voice helping me with every single turn on my way home. Here at Core, we asked-how can we make the vulnerability management journey easier for organizations to traverse to reduce the risk of a potential security breach? Ah, yes, a roadmap of sorts to follow to ensure a...
Threat Detection