Things just got real for companies that need to comply with PCI requirements. Not only is PCI v3.2 mandated, the PCI Standards Security Council has issued guidance on using penetration testing as part of a vulnerability management program. Why are they buckling down? Part of the reason was explained well in the recent Verizon PCI Compliance Report. Compared to 2015, the 12 key requirements...

Equip your pen testers with the most effective tools

Summary of all of the exploits and updates shipped to Core Impact 2017 R2 since Sept 26th (the last Dot release): 17 Updates overall 9 Remote Exploits 3 Client-Side Exploits 4 Local Exploits 1 Product update Published modules: Remote Exploits: Trend Micro Mobile Security for Enterprise upload_img_file Arbitrary File Upload Vulnerability Exploit Adobe ColdFusion Java JMX-RMI Remote...

So you’re using Core Access Assurance Suite (AAS). Maybe you’ve been using it for a while and have a routine down – but there may be ways to make your experience with this program even better. Every now and then it’s important to reassess the tools you are using to see how you can get more out of them. Today’s post is to share a few tips to help create a better user experience with the product...

More than 1,800 delegates from companies around the globe converged last week in Las Vegas for Gartner’s annual Identity and Access Management (IAM) Summit. Gartner IAM is unique in that it is solely focused on identity and access management rather than covering all areas of security. The event presented the Core Security team with a great opportunity to spend quality time with some of our...

It is our mission to continue to produce the most effective and efficient security products and services on the market. Today, I am happy to announce the release of Core Impact 18.1, our market leading penetration testing solution – where we put the focus on enabling user-testing and social engineering. With this release, we’ve put the focus back on the user, or “client-side” testing, as email is...

Summary for all of the exploits and updates shipped to Core Impact 18.1 since its release (on Feb 14th): 14 Updates Overall 3 Remote Exploits 5 Client-Side Exploits 3 Local Exploits 3 Product Updates Here is the list of published updates: Remote Exploits: Symantec Messaging Gateway performRestore OS Command Injection Exploit IBM Informix Open Admin Tool SOAP welcomeServer PHP Remote...

Is your organization protected against ransomware?

Try Event Manager for Free

Learn what privileged accounts really are so you can mitigate privileged access risks and ensure compliance in your organization.

Today, we are thrilled to announce the next step in our Identity Governance and Administration journey, the release of Core Access Assurance Suite 9.1. While not a major release, AAS 9.1 includes updated UX and UI changes which show our continued commitment to visualizing IGA. The Access Assurance Suite 9.1 release follows a visual-first approach, with a new user interface for managing access and...