We’re pleased to announce a new release of Core Impact! Version 21.2 introduces the MITRE ATT&CK™ framework, a matrix of attack tactics and techniques that serves as a reference for cybersecurity professionals which has become a standard in defensive security. Core Impact users can now create MITRE ATT&CK™ reports to classify engagement results according to the matrix, and gain further insight into security weaknesses and the level of risk they pose.
Exploit types
- Phishing, SQL, Brute Force DDOS
Teaming
- Red teams, blue teams, purple teams
k
Pen testing tools
open source, enterprise, or an arsenal
Vulnerability scanning
Pen testing services
Pen Test Pivoting
It’s a well-known fact that TV shows and movies pride themselves on their complete and total accuracy when it comes to portraying historical events, illnesses, or jobs. That’s how we know that everyone in olden times spoke in British accents no matter what country they were in, people with tuberculosis casually cough up blood while otherwise carrying on as normal, and all doctors wander about in form fitting scrubs with only one patient to treat—right?
If 2020 seemed like an anomaly, 2021 proved to us that it’s time to get comfortable with the transformed reality. Remote work, intended as a temporary response to COVID-19, is now an increasingly standardized way to operate. With face-to-face operations no longer the norm, numerous organizations have shifted to a technology-driven strategy.
Having your Active Directory breached is bad enough, but an attacker who gains persistence is even more dangerous. The longer they are able to hide in your Active Directory forest, the better chance they have of gaining access to your organization’s crown jewels. Undetected, they can comfortably wait for the most opportune time to take control, stealing your organization’s most sensitive data and do with it what they please.
Vulnerability scanners are valuable tools that search for and report on what known vulnerabilities are present in an organization’s IT infrastructure. Using a vulnerability scanner is a simple, but critical security practice that every organization can benefit from. These scans can give an organization an idea of what security threats they may be facing by giving insights into potential security weaknesses present in their environment.
Cybersecurity has become an increasingly popular topic in day-to-day conversation, and the conclusion is always the same: organizations need to make cybersecurity a priority and work to create the best security strategy possible. However, there’s a big difference between understanding what you need versus knowing how to get it.
Penetration testing has fast become a common way to assess the state of an organization’s security. Using the same techniques as bad actors, pen tests determine risk by revealing and exploiting vulnerabilities such as unpatched devices, misconfigurations, or careless end-user behavior.
Core Security’s comprehensive penetration testing tool, Core Impact, can now import data from two additional vulnerability scanners: Fortra VM (formerly Frontline VM) and beSECURE.