You may know that you need to penetration test your organization for the sake of compliance - but there is more to gain from a pen-test than just adhering to set regulations to avoid a fine. We've compiled a list of reasons to pen-test your infrastructure to help your company operate out of a healthy security posture. 1. Real Work Experience Penetration tests should be done without alerting...

So I know that everyone was worried about WannaCry and the Ransomware epidemic that we just had. Though this type of attack isn’t new, this one particular instance got so much attention because it was such a large attack and affected many in the world. Many organizations immediately started researching with their security vendors how to detect, deter and remediate…Sound familiar? Yeah, that’s Core...

Each day we are being inundated with information. This could be in the form of ads, articles or a new tool to use that will surely make our lives easier. While these applications could be very useful to the organization, they could also be the cause of breaches or the unlawful capture of your personal or business information. But there’s a way to ensure the programs you are downloading to your...

There has been a lot of information shared this week around the Petya “ransomware” virus. I put this in quotes because, just as with most attacks, once you dive in and get more information you find out that everything is not as it seems. The problem is that with the confusion going on around Petya on Tuesday there was a large amount of misinformation just as with WannaCry. After the dust settled...

Vulnerability management is becoming a standard industry practice and, as such, is included in most regulatory compliance rules as a quick and easy path to threat remediation. However, the reality is that most companies are not actually managing vulnerabilities, but rather conducting scans that produce thousands of potential threats. Identifying possible security risks and actually managing them...

From phishing scams to ransomware, cyber-attacks are growing every day. But something else is growing too – as in the number of Red Teams being built by organizations just like yours. But is a Red Team right for you? Red Teams SANS defines a Red Team as “a process designed to detect network and system vulnerabilities and test security by taking an attacker-like approach to system/network/data...

After months of hard work by our outstanding team, I am pleased to announce the release of Core Impact 2017 R2 – the comprehensive software solution for identifying, assessing and testing security vulnerabilities that attackers will exploit. With Core Impact you are able to identify the most pressing cyber risks to your organization by using this tool that enables you to think, and act, like an...

For several years the Department of Defense (DoD) has been focused on protecting controlled and unclassified information. Seven years ago, around November 2010, the White House issued Executive Order 13556 that established an open and consistent program across all civilian and defense agencies for managing information. The issue this Executive Order was trying to rectify was that departments...

It's true - we've had a lot of updates and releases for Core Impact over the past month. From the New Named User Pricing to the continued improvements being shipped to Core Impact and just this past week the new release of Core Impact 2017 R2 - there's been a lot happening. But trust that the product is still the most comprehensive solution for assessing and testing security vulnerabilities within...

It’s not just the bad actors that we at Core Security want to protect you from – we also want to protect you from yourself. It’s all hands on deck when it comes to securing your systems and the systems you interact with on a daily basis. Everyone personally has, on average, four devices to keep track of - all with different accounts (or even the same) on each with a plethora of passwords to...

Internships are becoming more and more necessary in order for college students to land a job straight out of college. In fact, over 85% of college students complete internships every year. With numbers like these, it’s quite possible that you have a few interns in your office throughout the year. We had five this summer and they were amazing – and not just for getting coffee and making copies....

Safeguard Your Infrastructure and Data

We're always trying to simplify how you go about pen-testing your organization. Anytime you make something too complicated there becomes unnecessary barriers to completion. Enjoy this free Guide to Penetration Testing to ensure you complete your penetration tests quickly and efficiently. 1. Project Scope Before starting your pen-test, you need to determine you plan of attack. This will consist...