Overview
The Core Attack Intelligence Platform helped:
- Validate claims of security vendors based on results by Core Impact
- Save money by making the right vendor decisions
- Accurately test the effectiveness of their security products
Background
One of the world’s largest airline carriers, with more than 3,000 daily departures throughout the Americas, Europe and Asia. The airline serves 152 domestic and 122 international destinations, more than any other carrier in the world. Nearly 400 additional points are served via international partnerships. With close to 40,000 employees, this airline service has hubs across the United States, as well as a Pacific island, and carries approximately 55 million passengers per year.
The Challenge
In an effort to stay one step ahead of ever-evolving network threats, the company’s Information Security Director, determined that his organization needed to augment their current security mechanisms. After an extensive review process, the Security Director and his 5-member team decided that it would be necessary to implement a multi-layered security strategy. Initially, he began looking at a variety of technologies, including intrusion detection systems (IDS), vulnerability scanners, and host and network-based intrusion prevention systems (IPS). However, he knew that he could not make the purchase decisions without being able to prove that he was maximizing return. “If we are buying technology,” he said, “we should be able to technically evaluate our purchases and be sure that we are getting an appropriate return of our investment.”
“The products we were evaluating cost hundreds of thousands of dollars. When making that level of investment, we have to be sure that the technology we implement can effectively mitigate problems.”
Based on his decade of experience, he knew that he needed to evaluate these security technologies pre-purchase, as well as post-deployment. To the Security Director, that meant performing ongoing penetration testing. “Penetration Testing is the only process that allows us to verify the impact of a potential vulnerability and prove that our security technologies are working and actually detecting and preventing attacks.”
The Security Director had conducted manual penetration tests in the past. However, he recalled that the manual process posed significant challenges. “It was an arduous and painstaking process to manually evaluate our network and applications. It was time-consuming to write exploits, ensure they were safe to run, and update and manage the process. I needed something I could simply install and run.” He was aware of open-source options but needed a tool that would streamline the penetration process, leverage his team’s core competencies, and most importantly be safe and possess support and accountability.
The Security Director needed to find a standardized product that would allow him to easily and cost-effectively conduct penetration testing as a permanent part of his ongoing IT security process.
“Running a penetration test used to be very risky, but now with Core Impact the testing and penetration processes are safer and more manageable. Also, Core Impact made my team and me more efficient, reducing our testing time from days to just minutes a week.”
The Solution
Ultimately, the airline service turned to Core Security and its product, Core Impact, the first comprehensive penetration testing product for assessing specific information security threats to an organization. The product enabled them to replace the inconsistent, manual penetration testing tools they had previously used with a professional, state-of-the-art, automated penetration testing solution.
Furthermore, Core Impact helped this major airline carrier:
- Evaluate and test the effectiveness of their IPS by safely creating real-world intrusion events.
- Exploit vulnerabilities in the network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that needed to be eliminated.
- Test for external and internal vulnerabilities, including those that relate to how network components work together.
- Eliminate false positives and report precisely where the network could be penetrated and the associated security risks.
The Result
“I now have an asset that allows me to validate the claims of security vendors. Our decisions about whether or not to buy certain security products are based in large part on the results from Core Impact. This penetration testing product has saved us hundreds of thousands of dollars by helping us make the right decisions.”
“In order to accurately test the effectiveness of our security products, we run everything through Core Impact. Thanks to Impact, we can now trust the security technologies we invest in.”
Interested in learning more about pen testing?
Check out our pen testing toolkit to learn about all the steps of managing an effective penetration testing program.