Blog
Blog

New Release - Core Impact 18.1

Thu, 05/21/2020
It is our mission to continue to produce the most effective and efficient security products and services on the market. Today, I am happy to announce the release of Core Impact 18.1, our market leading penetration testing solution – where we put the focus on enabling user-testing and social engineering. With this release, we’ve put the focus back on the user, or “client-side” testing, as email is...
Reporting
Blog

Customizable Reports with Core Impact

Thu, 05/21/2020
Today we're sharing how to use the customizable reports functionality available in Core Impact. In order to generate such agents, we'll use the "Network Report Generation" wizard. From the list of available reports, filter for type "spreadsheet" and select "Network Host Report". When clicking on "Duplicate" we'll get the prompt for a new report name. The new report can then be customized by...
Blog

The Latest Exploits Shipped to Core Impact 18.1

Thu, 05/21/2020
Summary for all of the exploits and updates shipped to Core Impact 18.1 since its release (on Feb 14th): 14 Updates Overall 3 Remote Exploits 5 Client-Side Exploits 3 Local Exploits 3 Product Updates Here is the list of published updates: Remote Exploits: Symantec Messaging Gateway performRestore OS Command Injection Exploit IBM Informix Open Admin Tool SOAP welcomeServer PHP Remote...
IT Security
Blog

Assess the Effectiveness of Your Security Controls with Penetration Testing

Thu, 05/21/2020
It’s important for all organizations to periodically assess and test security vulnerabilities, to better evaluate risk and be ready to detect, prevent and respond to threats as they happen. Vulnerability assessments, penetration tests and Red Teams help you identify and prioritize security risks, which also improves your overall security posture. Gartner recently released a detailed research...
Penetration Testing
Red Team
Blog

Introducing Access Assurance Suite 9.1

Thu, 05/21/2020
Today, we are thrilled to announce the next step in our Identity Governance and Administration journey, the release of Core Access Assurance Suite 9.1. While not a major release, AAS 9.1 includes updated UX and UI changes which show our continued commitment to visualizing IGA. The Access Assurance Suite 9.1 release follows a visual-first approach, with a new user interface for managing access and...
IGA
IT Security
Blog

Security So Easy, A Sales Guy Can Do It

Thu, 05/21/2020
Much like how I complain that I’m not losing weight - even though my treadmill has become a clothing rack- security only works if you use it. And, yes, I know I picked on the sales guys (and girls) in the title but, your security has to be easy enough to use and understand that anyone in the organization can use it, no matter their level of security training. I have heard multiple reports from our...
IGA
Blog

How to Pen-Test with Core Impact

Thu, 05/21/2020
When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. Now, I’m not saying every tester follows every step or performs these steps in this exact order, however, this is a pretty good process to follow. Let’s...
Penetration Testing
Man looking at a computer
Blog

How to Solve the Top Three Struggles of Identity Governance and Administration

Thu, 05/21/2020
Identity Governance and Administration (IGA) is a complex and growing set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are a host of new problems. In working with our IGA customers, we keep seeing certain problems emerge so,...
IGA