Core Targets Attacks On Client Software
With Monday's unveiling of Core Impact 6, the latest version of the vendor's flagship penetration testing solution, Core is giving companies the ability to ensure that applications on network PCs are free of flaws that attackers might use as pathways to access confidential data.
Client-side application testing is a new feature that comes in response to the trend of attackers targeting applications such as Web browsers and instant messaging to compromise PCs, said Max Caceres, director of product management at Core.
The Boston-based vendor conducts ongoing vulnerability research to uncover new flaws in applications, said Caceres. When vulnerabilities are discovered, Core Impact 6 runs actual attacks against them to get a sense of their severity and help companies gauge the potential impact to their networks, he said.
"Vulnerability scanners identify potential holes in the network, but Core Impact helps companies focus on remediation efforts, so you can exploit holes and find out which ones are most important to fix," said Caceres.
Vulnerability testing products generally don't look at the potential impact of exploits, which is why penetration testing is an important part of ensuring the security of a network, said Tom Brennan, security practice director at Access IT Group, King of Prussia, Pa.
"Core Impact 6 enables customers to demonstrate how deep into an organization's network you can go, and also how wide," said Brennan.
While an actual attacker would take over a machine and execute malicious code, Core Impact installs an agent — a small bit of software code with a benign payload — that provides a glimpse into how far an attacker can penetrate into the network as well as what critical assets could be compromised, according to Caceres.
"Installing the agent allows us to confirm that an attack was successful and rule out false positives," Caceres said. Other key features of Core Impact 6 include OS X support and the ability to export XML-based vulnerability data to third-party security products.
Core Impact 6 is available now free of charge for existing customers with valid licenses.