What's New At Core

Learn more about Core Security with posts about penetration testing, vulnerability management and security industry news.

As the World of Pen Testing Evolves, so too does Core Impact Pro The world of penetration testing has changed quite a bit over the past several years. It’s being carried out by more organizations that ever before, both as the result of new…

Read More

Over the course of my information security career, I’ve used just about every tool you can think of, and I’ve had to write a few myself. Some of the best conversations – and worst arguments – I’ve had with my colleagues have been…

Read More

A solid partnership with a reseller can create enormous opportunities for your organization, but building such a relationship requires strategic decision-making and considerable effort. While the process of building a partner program will look slightly different for every company, I’ve pulled together a…

Read More

*This blog was recently updated here to reflect the product updates as well as the most recent release of PCI DSS v3.2. Time is ticking if you aren’t yet PCI DSS v3.0 compliant. The new version of the standard went into effect Jan. 1,…

Read More

 In my last blog, I reviewed the Risk Management Framework (RMF), the unified information security framework replacing the legacy Certification and Accreditation (C&A) processes within Federal government departments and the Department of Defense. Old school C&A processes determine if security controls are implemented…

Read More

We’re proud to announce that Core Insight has received another five-star rating from SC Magazine. In its review of vulnerability assessment products, editors called Core Insight the “gold standard” and concluded that “Core Insight is worth every penny.” “It is a premium product…

Read More

The term “threat intelligence” seems to mean a lot of things to a lot of people. During my two days at the SANS Cyber Threat Intelligence Summit in DC last week, I heard many questions from the audience that reflected a general state…

Read More

As you’ve certainly heard by now, as many as 80 million customers of the country’s second-biggest health insurer have been affected by a massive data breach. Names, birthdays, addresses, employment information and Social Security numbers were exposed, but it appears the attackers left…

Read More

Goodbye NIST and DIACAP, hello RMF! For our friends in the Federal Government and military, the process of buying cybersecurity solutions and services just became significantly more straightforward. The Department of Defense and the Federal Government as a whole have finally merged their individual…

Read More

Independent technology advisory company 451 Research recently published a report that provides lots of great insights into the vulnerability management space and our place within it. Here’s a particularly noteworthy excerpt – if your vulnerability scanners are producing reports the size of phone…

Read More