While the Core Impact team is hard at work to provide and enhance the most comprehensive pen testing tool, we want to be sure to regularly check in with those who matter most—our customers! That’s why we pull back the curtain every quarter to provide a look behind the scenes and show you what’s on the horizon.
During June's exclusive user-focused webinar, the product experts dedicated to your success covered:
The F5 BIG-IP iControl REST vulnerability, a critical authentication bypass vulnerability that leads to unauthenticated remote code execution, is quite simple to exploit and provides an attacker with a method to execute arbitrary system commands as root.
With Core Impact and Cobalt Strike, security professionals can execute multi-faceted assessments of an organization’s defenses, exposing high-risk security weaknesses and offering targeted advice to better protect critical assets.
You’ve completed a pen test and, not surprisingly, the offensive security exercise turned up multiple weak points and exploitable vulnerabilities across your enterprise environment.
Active Directory is often considered the holy grail for cyber attackers, and for good reason. Once they have control of this critical asset, they essentially have the keys to the kingdom and can easily access, create, or modify any of the main accounts, including trust relationships and domain security policies. Despite best efforts and intentions, Active Directory may be far more at risk than we would like. But how can you better protect this essential asset? Perhaps the best way to start is to understand exactly how attackers are successfully accessing it in the first place.
The cybersecurity world has so many acronyms, and yet we pretend to know what all of them are. However, there are many occasions that leave us wracking our brains, trying to remember what one stands for. Is it a product? An organization? A process? One acronym that everyone should know is OWASP—the Open Web Application Security Project.