Resources
Blog

The Latest Exploits Shipped to Core Impact

Thu, 05/21/2020
Summary of all of the exploits and updates shipped to Core Impact 2017 R2 since Sept 26th (the last Dot release): 17 Updates overall 9 Remote Exploits 3 Client-Side Exploits 4 Local Exploits 1 Product update Published modules: Remote Exploits: Trend Micro Mobile Security for Enterprise upload_img_file Arbitrary File Upload Vulnerability Exploit Adobe ColdFusion Java JMX-RMI Remote...
Blog

Tips for Success with Access Assurance Suite

Thu, 05/21/2020
So you’re using Core Access Assurance Suite (AAS). Maybe you’ve been using it for a while and have a routine down – but there may be ways to make your experience with this program even better. Every now and then it’s important to reassess the tools you are using to see how you can get more out of them. Today’s post is to share a few tips to help create a better user experience with the product...
Blog

Lessons Learned at Gartner Identity and Access Management Summit 2017

Thu, 05/21/2020
More than 1,800 delegates from companies around the globe converged last week in Las Vegas for Gartner’s annual Identity and Access Management (IAM) Summit. Gartner IAM is unique in that it is solely focused on identity and access management rather than covering all areas of security. The event presented the Core Security team with a great opportunity to spend quality time with some of our...
What is?
Blog

Security Answers in Plain English: What is a Man-in-the-Middle Attack?

Thu, 05/21/2020
"I heard on the news about how some sites and mobile apps are vulnerable to Man-in-the-Middle attacks. What is a Man-In-The-Middle Attack, how does it work, and how can I protect myself?" Man-in-the-Middle (MitM) attacks are basically one website stepping in-between you and a legitimate website so that whatever you do on the legitimate website can be seen and stolen by the attacker who owns the...
Blog

New Release - Core Impact 18.1

Thu, 05/21/2020
It is our mission to continue to produce the most effective and efficient security products and services on the market. Today, I am happy to announce the release of Core Impact 18.1, our market leading penetration testing solution – where we put the focus on enabling user-testing and social engineering. With this release, we’ve put the focus back on the user, or “client-side” testing, as email is...
Blog

The Latest Exploits Shipped to Core Impact 18.1

Thu, 05/21/2020
Summary for all of the exploits and updates shipped to Core Impact 18.1 since its release (on Feb 14th): 14 Updates Overall 3 Remote Exploits 5 Client-Side Exploits 3 Local Exploits 3 Product Updates Here is the list of published updates: Remote Exploits: Symantec Messaging Gateway performRestore OS Command Injection Exploit IBM Informix Open Admin Tool SOAP welcomeServer PHP Remote...
Common IAM Fears and How to Overcome Them
Video

Common IAM Fears and How to Overcome Them

Thu, 05/21/2020
Enterprises are facing a growing complexity crisis over identity management. It is often difficult to effectively manage, especially as the number of access relationships exponentially increase and our environments become subjects to purposeful attacks. Against this backdrop of negativity, this webinar examines the problems and solutions around IAM, and how you can better strategize and manage...
IGA
IT Security
Blog

Assess the Effectiveness of Your Security Controls with Penetration Testing

Thu, 05/21/2020
It’s important for all organizations to periodically assess and test security vulnerabilities, to better evaluate risk and be ready to detect, prevent and respond to threats as they happen. Vulnerability assessments, penetration tests and Red Teams help you identify and prioritize security risks, which also improves your overall security posture. Gartner recently released a detailed research...
Penetration Testing
Red Team
Blog

Introducing Access Assurance Suite 9.1

Thu, 05/21/2020
Today, we are thrilled to announce the next step in our Identity Governance and Administration journey, the release of Core Access Assurance Suite 9.1. While not a major release, AAS 9.1 includes updated UX and UI changes which show our continued commitment to visualizing IGA. The Access Assurance Suite 9.1 release follows a visual-first approach, with a new user interface for managing access and...
IGA
cs-core-access-assurance-suite
Datasheet

Core Access Assurance Suite

Solution Overview As part of the Core Security Identity Governance and Administration portfolio of solutions, the Core Access Assurance Suite is a robust Identity and Access Management (IAM) software solution that offers intelligent and visible identity governance across every business environment. The Access Assurance Suite enables organizations to deliver informed provisioning, meet ongoing...
IGA
IT Security
Blog

Security So Easy, A Sales Guy Can Do It

Thu, 05/21/2020
Much like how I complain that I’m not losing weight - even though my treadmill has become a clothing rack- security only works if you use it. And, yes, I know I picked on the sales guys (and girls) in the title but, your security has to be easy enough to use and understand that anyone in the organization can use it, no matter their level of security training. I have heard multiple reports from our...
IGA
Blog

How to Pen-Test with Core Impact

Thu, 05/21/2020
When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. Now, I’m not saying every tester follows every step or performs these steps in this exact order, however, this is a pretty good process to follow. Let’s...
Penetration Testing