Core Impact 7.0 released

CORE IMPACT is the first automated, comprehensive penetration testing product for assessing specific information security threats to an organization. By safely exploiting vulnerabilities in your network infrastructure, the product identifies real, tangible risks to information assets while testing the effectiveness of your existing security investments

New features that ships with this latest release:

  • Fully automated methodology for testing end users and their applications : CORE IMPACT v7 introduces the Client-Side Rapid Penetration Test, which reduces the complexity of running social engineering attacks. Step-by-step wizards guide security professionals through the process of planning and executing email-based attacks. IMPACT v7 also adds new Client-Side Penetration Test Reports that help security professionals identify gaps in their end-user security awareness programs.
  • New PCI Vulnerability Validation Report : New reporting capabilities help organizations address PCI vulnerability management requirements. IMPACT v7 enables security professionals to augment, validate and prioritize results from vulnerability scans performed by Payment Card Industry (PCI) Approved Scanning Vendors (ASVs). CORE IMPACT also now interoperates with eight of the leading open-source and commercial scanners, providing the industry’s broadest support for third-party
    vulnerability scanners.
  • Third-generation agent with multi-staging, plug-in and connection multiplexing support : CORE IMPACT v7 introduces a new and improved remote-control agent, further advancing the product’s unique agent technology. The new, consolidated agent has been simplified, reducing the complexity of penetration tests while maximizing their effectiveness when executed against modern security defenses. The agent runs in-memory by default to protect the integrity of systems targeted by IMPACT penetration tests, and it can be configured to persist across system reboots for penetration tests that span multiple days. Also, the agent now provides an encrypted and authenticated channel with the testing machine, and it features a plug-in architecture for enhanced RPT pivoting.
  • Real-time visibility through the new CORE IMPACT dashboard : A new dashboard provides security professionals with a real-time view of the industry’s most comprehensive exploit database and the more than 3,400 network vulnerability entry-points exploited by CORE IMPACT. A new online and offline update notification feature helps security professionals stay on top of the latest attack trends and informs them when new exploits and utility modules are available for download.

Our Opinion
Unfortunately, we cannot give a review about this product. Because there is no demo version. Personally, i have never tested it. So, no advice to give you fellas. I dont even know if it is a good product or just another "security myth".

Post scriptum

Compliance Mandates

  • Penetration testing & Ethical Hacking :

    PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Commercial
Core Impact
Penetration testing & Ethical Hacking
Vulnerability Scanner