Case Study
Large Health System Turns to Core Privileged Access Manager (BoKS) for Server Management & System Security
Overview
A leading not-for-profit health system in the United States, with multiple hospitals, rehabilitation centers, physician clinics, mental health facilities, independent living centers, and home health agencies, employs more than 9,000 individuals, including nearly 1,400 physicians. Collectively, the entities within the healthcare organization also maintain more than 1,500 licensed beds...
Case Study
U.S. Government Laboratory
Overview
Core Impact helped this U.S. Government Lab:
Compliment vulnerability scanning
Prepare for security audits
Test end-user security awareness
Case Study
Large Midwestern University
Overview
Core Impact helped this large Midwestern University:
Improve security holistically
Find client side vulnerabilities
Test web applications
Ease PCI compliance
Case Study
Global Manufacturer Case Study
Overview
With the help of Core Security Password Management, the IT staff at this global manufacturing customer has achieved its goals of reducing the costs of managing access and authentication for its large community of end users, improving productivity through self-service and user support responsiveness, enhancing overall password security and adhering to audit compliance requirements. Key...
Article
MS15-011 - Microsoft Windows Group Policy real exploitation via a SMB MiTM attack
Windows has been around a long time. After years of evolving from one version to another, it is rare to find vulnerabilities that allow remote code execution from Windows XP to Windows 8.1 (32 and 64-bit)...
Case Study
Cigna-HealthSpring
Overview
Cigna-HealthSpring chose Core Security to help the organization focus on maintaining compliance with federal regulations such as HIPAA, HITECH and SarbanesOxley while automating the user access process.
With Compliance and Access Request, CignaHealthSpring can now:
Automate manual user access review processes
Easily analyze, review and certify user access enterprise-wide
Protect...
Case Study
Banking Customer
Overview
With Core Security, the banking customer:
Achieved “go-live” status within five months of project launch
Streamlined operational and business processes associated with on-boarding and off-boarding staff
Leveraged role-based provisioning to grant employee access by job code
Demonstrated policy and regulatory compliance, including recognition by external auditors of adherence to process
...
Case Study
Auto Parts Manufacturer
Overview
With Core Security’s Identity Governance & Administration solution, the customer:
Successfully implemented self-service password reset and automated user provisioning within a 6-month, deadline-driven time frame.
Achieved automated routine access removal for terminated employees.
Improved efficiency and user productivity through elimination of paper form processing.
...
Blog
Phishing: What Does It Look Like and How to Avoid It
Fri, 05/22/2020
According to the Anti-Phishing Work Group, 1.2 million individual phishing attacks took place in 2016 – a 65% increase from the year before. These attacks have been mentioned across all industries and the most recent Verizon Wireless Data Breach Report states that 95% of phishing attacks that led to a breach were followed by some sort of software installation- usually malware.
Phishing is no...
Blog
WannaCry and the Rise of Ransomware
Fri, 05/22/2020
Are you prepared for a ransomware attack on your organization?
Blog
10 Reasons You Should Be Pen Testing
Fri, 05/22/2020
You may know that you need to penetration test your organization for the sake of compliance - but there is more to gain from a pen-test than just adhering to set regulations to avoid a fine. We've compiled a list of reasons to pen-test your infrastructure to help your company operate out of a healthy security posture.
1. Real Work Experience
Penetration tests should be done without alerting...
Blog
Lessen the Blow of Ransomware or Social Engineering – Phish Your Users
Fri, 05/22/2020
So I know that everyone was worried about WannaCry and the Ransomware epidemic that we just had. Though this type of attack isn’t new, this one particular instance got so much attention because it was such a large attack and affected many in the world. Many organizations immediately started researching with their security vendors how to detect, deter and remediate…Sound familiar? Yeah, that’s Core...
Blog
How to Think Like an Attacker: Advice from the (Not So) Dark Side
Fri, 05/22/2020
We spend a lot of time talking around and about bad actors, but what if we sourced them to teach us about this industry instead? We know they exist and we know they’re working towards obtaining the sensitive data on our networks. But how do their minds work and how do they work differently than those on the ethical side of hacking? Let’s look at what sets bad actors apart and how you can leverage...
Blog
The 4 Questions to Ask Your Security Consultants
Fri, 05/22/2020
While it can be nerve-wracking letting someone into a portion of your organization, look at it as though you are actually taking back control. Enlisting the help of trained and experienced experts is nothing to be ashamed of – if anything, this could be the smartest thing you do for your company. However, before completely letting go of the reigns here are some questions to ask so that you know...
Blog
Before You Download: Penetration Testing Your Applications
Fri, 05/22/2020
Each day we are being inundated with information. This could be in the form of ads, articles or a new tool to use that will surely make our lives easier. While these applications could be very useful to the organization, they could also be the cause of breaches or the unlawful capture of your personal or business information. But there’s a way to ensure the programs you are downloading to your...
Blog
Petya - What Really Happened
Fri, 05/22/2020
There has been a lot of information shared this week around the Petya “ransomware” virus. I put this in quotes because, just as with most attacks, once you dive in and get more information you find out that everything is not as it seems. The problem is that with the confusion going on around Petya on Tuesday there was a large amount of misinformation just as with WannaCry. After the dust settled...
Blog
3 Questions to Ask About Vulnerability Management
Fri, 05/22/2020
Vulnerability management is becoming a standard industry practice and, as such, is included in most regulatory compliance rules as a quick and easy path to threat remediation. However, the reality is that most companies are not actually managing vulnerabilities, but rather conducting scans that produce thousands of potential threats. Identifying possible security risks and actually managing them...