Resources

Security Tips
Video

How to Take Your Vulnerability Management Program to the Next Level

Thu, 08/20/2020
Managing security vulnerabilities is no easy task: identifying, classifying, remediating, and mitigating weaknesses in the IT infrastructure is a continuous process that has only grown more challenging with an increasing number of attacks. Most organizations have the fundamentals in place: running regular vulnerability scans, establishing basic prioritization methods, having a patching process,...
Penetration Testing
Man looking at a computer
Video

8 Ways to Tackle the Biggest Access-Related Challenges in Financial Services

Mon, 08/17/2020
Financial services organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the financial services sector has seen everything from increasing cybersecurity threats, data breaches, and cyberattacks to intensified regulatory compliance, an acceleration of digital transformation, and the pressure to increase operational efficiencies and decrease...
IGA
core impact 20.1 blog
Blog

5 Most Notable New Features in Core Impact 20.1

Wed, 08/12/2020
We are so excited about our latest release of Core Impact. Version 20.1 was fueled largely by the valuable and genuine feedback our customers have shared with us. This release was jam packed with new features, including several new additions that offer added convenience and increased usability. To recap, we thought it would be helpful to highlight the top 5: 1. Flexible Licensing Core Impact now...
Penetration Testing
Ecourse

Conducting Phishing Attacks in Core Impact

There are endless possibilities when it comes to conducting phishing campaigns using Core Impact. These training videos are designed to get you started and provide ideas on how you can set up your phishing campaigns.
Penetration Testing
Ecourse

Core Impact Advanced Techniques

This series is designed to provide tips and tricks for penetration testers to conduct as they become more advanced users in Core Impact. From injecting agents to conducting a golden ticket attack, this series includes advanced techniques that can help you understand where your organization is most vulnerable. ...
Penetration Testing
Ecourse

Using Core Impact with PowerShell Empire

This video discusses the integration between Core Impact and PowerShell Empire and how you can use these two tools together. (function(t,e,s,n){var o,a,c;t.SMCX=t.SMCX||[],e.getElementById(n)||(o=e.getElementsByTagName(s),a=o[o.length-1],c=e.createElement(s),c.type="text/javascript",c.async=!0,c.id=n,c.src="https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd...
Penetration Testing
Ecourse

Getting Started with Core Impact

Get up and running quickly with this training series designed to provide you with an overview of the Core Impact penetration testing software interface and functionality. ...
Penetration Testing
Getting Inside the Mind of An Attacker Part One Thumbnail
Blog

Getting Inside the Mind of an Attacker: Why Active Directories Are Popular Targets

Mon, 08/10/2020
Authored by: Julio Sanchez In today’s world, with the perpetual threat of breaches always looming, what’s the best way to ensure your organization stays safe? Oftentimes, the best security measure against cyber-attacks is to think like an attacker. When viewing things in this light, it’s immediately clear what makes for a prized gem within your infrastructure: Active Directory. Though such an...
Penetration Testing
Ecourse

Core Impact Training in 20 Minutes

Our training courses are designed to help our customers get the most out of Core Impact’s powerful features and maximize their return on investment. This training series is designed for both new and experienced users and covers the most common topics from customers. Each course is only 20 minutes, designed to help increase confidence in the platform. ...
Penetration Testing
How to Select the Right Third-Party Pen Testing Service
Blog

How to Select the Right Third-Party Pen Testing Service

Wed, 07/29/2020
As both cybersecurity breaches and compliance mandates increase, third-party pen testing services are no longer seen as optional. These teams specialize in ethical hacking that gives organizations insight into possible security weaknesses and attack vectors in their IT environment. Being in such high demand, more and more testing services are emerging, presenting businesses with a new challenge of...
Penetration Testing
Video

Reducing Risk With Penetration Testing

Tue, 07/28/2020
Though cybersecurity defenses are increasingly sophisticated, threat actors have also become more creative in order to achieve their end goals. They continue to find new ways to use the technologies most integral to businesses – mobile devices, computers, servers, websites, wifi, and email – as entry points to breach networks for malicious purposes. What more can be done to reduce the risk of...
Penetration Testing
What’s the Difference Between IAM, IGA, and PAM?
Blog

What’s the Difference Between IAM, IGA, and PAM?

Fri, 07/24/2020
The identity security landscape has transformed considerably within the last two decades. And for good reason. Mitigating identity-related access risks has become essential as companies face threats every day, from virtually everywhere. The focus on managing the access of people, digital identities, and privileged accounts has increased significantly to address these risks, and has put Identity...
PAM
IGA
IAM
Security Compliance
Blog

Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance

Tue, 07/21/2020
Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance To continue this month's conversation on compliance, we have another special guest joining us on the blog today. Alex Naveira is the Director, ITGA & CISO at Miami Children's Hospital and oversees multiple locations. We asked Alex what compliance meant to him and he had a list of different kinds of compliance and said "which one?"...
IGA
health-care-identity-governance-doctor-with-ipad
Blog

Healthcare Identity Governance in the Era of COVID-19: Five Critical Issues Your Organization Can’t Afford to Overlook

Wed, 07/15/2020
The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients. Redeploying resources, leveraging a mobile workforce,...
IGA
Performance gears
Blog

The Truth About Pen Testing Automation

Mon, 07/13/2020
With cybersecurity attacks perpetually on the rise, security teams are under more pressure than ever. While pen testing can help these teams by finding vulnerabilities before adversaries can, even pen testing comes with its challenges. A skills shortage, new and expanding regulations requiring testing, and other critical daily security duties increasingly leave cybersecurity professionals...
Penetration Testing
Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities
Video

Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities

Tue, 07/07/2020
When evaluating potential risks to an organization, the human factor is one of most dynamic and crucial elements to consider. An attacker can take advantage of security pitfalls introduced by humans, gaining access and even escalating privileges. Anyone from a regular user to an IT admin can make simple but critical errors that allow a threat actor to enter your organization’s network. In this...
Data Security
Video

Top Reasons to Move from Syslog to a SIEM

Tue, 06/23/2020
Your security team is perpetually busy protecting your organization’s data. But they can often be overwhelmed with tasks related to security events from a constantly pinging syslog. SIEM—or security information and event management—software can help IT teams get a streamlined view of activity and potential concerns. Differentiating “event data” from “log data,” as they are related to SIEM, is...
SIEM