Core Security Technologies, a Boston based provider of security testing and measurement solutions, today announced enhancements to its CORE INSIGHT Enterprise solution, featuring a new attack path simulation that can simulate an enterprise environment and show potential paths that an attacker could take and the exploits that could be used to conduct an attack.
With the new information gathering features, customers can leverage INSIGHT to independently perform discovery of systems, hosts, open ports and hardware on the network. This data can then be used and compared to subsequent tests to depict infrastructure changes over time.
In addition, CORE INSIGHT v1.3 provides new capabilities to enhance integration with popular vulnerability scanning tools, such as those from Qualys and Nessus, and simplifies and automates frequently performed tasks, including:
• Granular management of connectivity to popular vulnerability scanning products: New centralized management capabilities enable users to select and set their level of connectivity to their preferred vulnerability scanning products.
• One-click import of vulnerability scanning results: Users can quickly upload vulnerability scanning results directly into INSIGHT to validate them using real-world attack techniques.
• Automated export of INSIGHT testing results: Flexible data export capabilities enable users to specify the most relevant testing details and the desired frequency for them to receive customized results.
• LDAP integration: Enables users to import email addresses directly from LDAP for more efficient client-side penetration testing to measure their susceptibility to targeted e-mail based attacks such as spear phishing.
• Campaign cloning: Enables users to save and reuse existing test definitions and campaigns, so the information will be pre-populated in future tests and can be edited as needed.
“With the latest version of CORE INSIGHT we are delivering the real-world business intelligence enterprises need to identify their risks and make better, more informed decisions when it comes to defending their critical assets,” said Jay Schiavo, director, product management at Core Security. “Combined with new integration, flexible reporting and time-saving features, these enhancements further empower our customers to more efficiently and proactively identify and address data breach threats.”