Cyber Security Awareness and Vulnerabilities Blog

RSS

A new memo issued to federal agencies by the White House OMB pushes them to embrace more practices that will empower them with enterprise security metrics, a paradigm that Core Security is also putting its weight behind.

Read More

With IMPACT Pro v10.5 we've made a bigger effort than ever before to respond to the feature requests of our customers.

Read More

It's amazing how many cool things you can do (or test) when availing yourself of the manual capabilities of CORE IMPACT Pro.

Read More

Two extremely important pieces of pending cybersecurity legislation took significant steps forward in Washington last week.

Read More

The Rockefeller-Snowe Cybersecurity Act represents an important milestone in advancing U.S. policy along a number of important lines.

Read More

RSA Security Conference 2010 was a raging success for Core, both in terms of taking measure of itself in the industry and creating an industry for security testing and measurement itself.

Read More

Three of the IT security industry's most respected leaders have signed-on to help guide our future plans. They've done so because they already share our vision for the future of enterprise security testing and measurement.

Read More

In direct response to customer demand, Core Security has announced a direct integration between IMPACT Pro and the open source Metasploit Framework.

Read More

ShmooCon 2010 and all the other Cons have a truly special place in the hearts and minds of security researchers and pen testers, and within the IT security industry itself.

Read More

In Windows systems, path and filename normalization routines have some interesting quirks. In his upcoming ShmooCon presentation, Core's Dan Crowley will demonstrate how these quirks can be used to bypass filters and access control mechanisms, evade IDS detection, alter the way that files are handled and processed, and make brute force attacks to enumerate files easier.

Read More