Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Database
    • Networking

    Core Security Updates Penetration-Testing Software

    By
    Matt Hines
    -
    August 14, 2006
    Share
    Facebook
    Twitter
    Linkedin

      Core Security Technologies released an update to its penetration-testing automation software on Aug. 14, promising to help companies more effectively test their networks for potential security loopholes.

      Dubbed Core Impact 6.0, the product boasts a completely retrenched applications framework that the vendor claims will greatly improve the efficacy and ease of use of its tools. Core Security said it will forward the product as a free upgrade to existing customers of its software.

      The rebuild is centered on a new version of the software agent that carries out the penetration testing itself. Core says the agent is capable of recreating the most sophisticated attacks on the security landscape without actually altering or damaging the systems it is being run on.

      /zimages/6/28571.gifClick here to read more about Core Security Technologies testing tools.

      One of the major steps forward in the release, according to Core executives, is the products addition of penetration testing for so-called client-side applications, such as Web browsers, spreadsheets and multimedia players, which have become the focal point for many emerging IT security attacks.

      “There have been a number of high-profile incidents such as the MySpace compromise that have targeted client-side weaknesses to deliver their payloads, and attackers are only going to increase their focus on these types of threats because the vulnerabilities are so easy to exploit,” said Max Caceres, director of product management at Core, in Boston.

      /zimages/6/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      “At the same time, the vulnerabilities in endpoint security tools are becoming harder to control, so theres a definite need for more penetration testing in general,” Caceres said.

      Other new features in the product include database tools for managing client-side information that will allow the product to store information related to the client-side aspects of a penetration test, including any involved contacts, e-mail addresses and host information.

      Another addition is a revamped user interface with a new “generic” view that can be used to search the products database and organize data about scans in user-created folders, which the company said would speed users access to test results.

      Core also added support for Apple Computers Mac OS X operating system, as the platform is becoming more widely used in businesses, and also the subject of a larger number of emerging attacks.

      Charles Kolodgy, an analyst with IDC, based in Framingham, Mass., said Cores approach remains unique as the market for penetration testing continues to mature, which could help Core Impact find a home with more customers. By having tools in-house with which to complete the work typically left to outside auditors, companies can ensure that the everyday changes they make to their networks dont result in serious vulnerabilities.

      Another selling point that may appeal to users is the ability to test the status of other security technologies using Core Impact, according to the analyst.

      “It seems like theres some interest among customers in automating some of these responsibilities,” Kolodgy said. “The issue that people have is that when theyre doing pen testing as a service, the expertise isnt with you all the time, but their environment is changing all the time with new devices and applications; having your own tool to do testing constantly, rather than waiting for audits, is an idea that some companies may adopt.”

      /zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Matt Hines

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×