Multi-Staged Penetration Testing with Core Impact 18.1

Core Impact

Core Impact is an easy-to-use penetration testing tool that enables your security team to exploit security weaknesses, increase productivity, and improve efficiencies.

Core Impact

Divider text here
Core Impact is the most comprehensive solution for assessing and testing security vulnerabilities throughout your organization. Core Impact is the only solution that empowers you to replicate attacks that pivot across systems, devices, and applications, revealing how chains of exploitable vulnerabilities open paths to your organization’s mission-critical systems and data. 

Core Impact gives you visibility into the effectiveness of your endpoint defenses and reveals where your most pressing risks exist across your network. This enables you to evaluate your organization’s ability to detect, prevent, and respond to real-world, multi-staged threats. 

Core Impact's new Named User Pricing model enables users to leverage an unlimited number of IPs to test and helps organizations fit Core Impact within their budgets. Now, organizations can expand the number of Penetration and Red Team users who have access to Core Impact, to more effectively conduct penetration tests without restricting the number of IPs.


Divider text here

Multi-vector Testing Capabilities Across Network, Web, and Mobile

Empowers replicated attacks across all systems, reveals the exploited vulnerability, and allows you to remediate the risk immediately.

Test More Common Vulnerability Exploits than the Competition

Through pen-testing capabilities you are able to test all workstations for various vulnerabilities, in addition to gauging the effectiveness of anti-virus, HIPS, and other perimeter defenses.

Ensure Vulnerabilities Were Remediated

Evaluate your security posture using the same techniques employed by today’s cyber-criminals. Users can now re-test exploited systems months after a pen-test and agents can be upgraded through this feature.

Controlled Commercial-grade Exploits Using a Simple Interface

Endpoint systems tested with commercial-grade client-side exploits in a controlled manner using a simple interface. Through network testing, this solution gathers network information and performs attacks to test the systems’ ability to identify and remediate.

What’s New in Impact 18.1?

Divider text here
The latest release of Impact is version 18.1 and focuses on end-users or “client-side” testing, phishing and social engineering type attacks. 

Why focus on users?
 · Email is the #1 delivery vehicle for most malware
 · 76% of organizations report being victim of a phishing attack in 2016
. · 1 in 131 emails contained malware in 2016, highest rate in 5 years
 · Reports of W-2 phishing emails increased 870% in 2017. 

 Knowing which users are most susceptible can help an organization pinpoint education/ training and other strong security measures to ensure better protection from future attacks.

What are the Key New Enhancements?

Divider text here

Dynamic Credential Capturing

Impact can now sit between user & real website and capture exchange of information (credentials) - No hosting, more realistic, supports chaining. 

Temporal Agent Enhancements

Programmable self-destruct for agents at different levels (Product, Workspace, Module/RPT) - No agent left behind to be potential backdoor or resource drain

Updated Status View & New Auto-Tagging

Redesigns helps easily sort & find results, automatically identify/ tag users who opened/ viewed/clicked and/or provided credentials

Re-Designed Testing Workflows

Removed unnecessary pages & added explanations for each action - Save time and improve effectiveness

Get Core Impact Now

Divider text here
Evaluation versions of Core Impact penetration testing software are available to select organizations. Please complete the registration form to request an evaluation version, and a Core Security representative will contact you with further details.