Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

New Approach to Automated Security Testing Offered in Beta

Core Security, maker of penetration testers used by “red teams” to identify security vulnerabilities, today announced beta availability of a fully automated testing solution with the ability to continuously test and measure the overall security standing of an enterprise.

Core Security, maker of penetration testers used by “red teams” to identify security vulnerabilities, today announced beta availability of a fully automated testing solution with the ability to continuously test and measure the overall security standing of an enterprise.Enterprise Security Testing

Focus on data, not hardware

The company claims that the new product, Dubbed CORE INSIGHT Enterprise, represents a whole new class of security testing and measurement solutions. It differs from conventional solutions in that it focuses on data, not hardware. Rather than identifying which servers need to be protected, users begin by defining their sensitive assets (databases housing sensitive information, data formats such as social security numbers, etc.), on a global basis if necessary. CORE INSIGHT then searches the infrastructure for exploitable pathways to that data in real time.

According to CORE, moving the focus from protecting servers to protecting data may also lead to more cost-effective security efforts which more directly address business risks.

Confirmed exploitability

CORE INSIGHT’s approach also differs from conventional approaches in that it actually penetrates vulnerabilities, rather than operating on the basis of simulations or by aggregating historic log data. Demonstrating actual exposures eliminates the potential for false positives and allows organizations to proactively identify available paths to protected information spanning multiple layers of IT infrastructure.

The INSIGHT Enterprise Beta Program is now available to select organizations interested in implementing a prototype version of the security testing and measurement solution in appliance form.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.