Penetration testing

Learn more about the benefits of penetration testing. If you need help with security assessments or penetration testing, contact Core Security, www.coresecurity.com.

We celebrate the holidays with shopping, gift giving and spending quality time with friends and family. However, when January rolls around and your employees are back in the office it’s likely that they will arrive with a shiny new toy or two. In the…

Read More

Here is the summary of all of the exploits and updates shipped to Impact 2017 R2 since Sept 26th (the last Dot release): 17 Updates overall 9 Remote Exploits 3 Client-Side Exploits 4 Local Exploits 1 Product update   Here is the list of the published modules: Remote Exploits: Trend Micro Mobile…

Read More

One of the most common ways for breaches to occur is purely out of not knowing if or how it could happen. You can’t protect what you don’t know you have – or that you don’t know you have to. Here are some tips for…

Read More

Adhering to the PCI DSS requirements is not only important but essential in ensuring your organization is prepared for the increased spending and shopping this holiday season. Today we’re doing a deep dive into one of the 12 requirements found in the PCI…

Read More

*This blog was originally published on ProgrammableWeb.com Core Impact 2017 R1 and Metasploit Pro are tools used to create multi-staged, real-world attacks to test enterprise security defenses. Organizations need improved visibility into the the holes in their enterprise network defenses.  Pentesting tools allow an…

Read More

There are many reasons to penetration test your organization – and not just to adhere to compliance protocols. Nonetheless, sometimes that’s the routine we get caught in, isn’t it? We do it just because we have to, but we don’t leverage the findings…

Read More

It’s not just about hiring a group of people and dubbing them as part of a Red Team. There are some important steps to ensure you are hiring the right people for the job at hand with a focused goal in mind. Here…

Read More

*This post was updated recently to reflect changes made when the PCI DSS standards document was updated to v3.2 in April of 2016 as well as the new Verizon PCI Compliance. It was previously published here. Things just got real for companies that need…

Read More

The SANS definition of a Red Team is, “a process designed to detect network and system vulnerabilities and test security by taking an attacker-like approach to system/network/data access.” At Core, we believe that a Red Team is the ultimate way to “Think like…

Read More