Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

CORE Security Enhances Penetration Testing Solution

CORE Impact Pro Release 12.3 Provides Enhanced Endpoint, Mobile, Web and Wireless Testing Capabilities

CORE Impact Pro Release 12.3 Provides Enhanced Endpoint, Mobile, Web and Wireless Testing Capabilities

Following recent updates to its CORE Insight Enterprise security intelligence solution, CORE Security Technologies, a Boston, Massachusetts-based provider of security testing solutions, on Monday announced significant enhancements to its vulnerability assessment and penetration testing software, CORE Impact Professional.

New enhancements let security teams proactively test endpoints at the operating system (OS) and application levels without the need to challenge end-users through social engineering.

According to the company, the latest version (Release 12.3) of CORE Impact details how network systems and devices, endpoints, web applications, wireless networks and mobile devices can be compromised by replicating a broad range of attacks through an extensive library of more than 2,500 exploits and other attack techniques.

CORE Security LogoNew Testing Features Include:

Endpoint Assessment with No End-User Involvement – CORE Impact can now assess client-side applications and operating systems within Microsoft Windows and Mac OS X-based laptop and desktop computers prior to deployment in live environments.

Customizable Phishing Email Template Interface – When social engineering tests are required to assess end-user security awareness, CORE Impact 12.3 makes it easier for security professionals to customize email templates to replicate spear phishing attacks tailored to target the organization.

WPS-Enabled Device Information Gathering – CORE Impact now enables IT security teams to discover and record information from deployed laptop and desktop computers including WiFi Protected Setup (WPS), name, model, serial number and manufacturer.

Man-in-the-Middle (MITM) Wizard – Allows users to create fake access points and perform predefined Man-in-the-Middle (MITM) tests against WiFi clients through high-interaction “honeypots.” Predefined actions can include WiFi client credential collection, redirection of clients to alternate web servers, or injection of exploits or other changes into their Internet traffic.

Advertisement. Scroll to continue reading.

Certificate-Based Authentication – CORE Impact can now impersonate regular authenticated users of a web application to discover vulnerable areas that could be leveraged to compromise sensitive data and assets.

Mobile Browser Impersonation – By impersonating mobile browsers, CORE Impact helps find vulnerabilities that are only accessible in mobile versions of web applications.

Acunetix Web Scanner integration – Enables users to import and validate Acunetix vulnerability scan results to identify critical, exploitable web application weaknesses. CORE Impact Pro also integrates with HP Web Inspect, IBM AppScan, and NTOSpider.

In addition to new security testing features, Release 12.3 brings several new and enhanced vulnerability testing reports.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.