Core Security Technologies next week updated Core Impact, its security penetration-test tool for desktops and servers that lets customers run a series of exploits to determine how far into corporate resources a hacker could burrow.
Version 4.0, which runs on Windows 2000, XP, Linux, Solaris and OpenBSD, presents a set of exploits that authorized mangers can run that duplicate hacker capabilities. This version eliminates the need to manually direct each testing step and automates the cleanup procedure of removing files and back doors that get installed as a routine part of changing machine configuration.
The tool can import information about network vulnerabilities that are discovered by commercial tools such as Internet Security Systems Inc.’s Scanner and freeware like Nessus. It competes with freeware such as the Metasploit Project tools for penetration testing and is viewed as complementary to vulnerability assessment tools, which can identify network holes by scanning.
James Cupps, chief information security officer at global paper manufacturer Sappi Ltd., says he has used Core Impact for a number of years to supplement vulnerability-assessment tools, which cover a wide range of possible network and application holes but often generate false positives.
“Core Impact is more accurate if not more comprehensive than vulnerability assessment,” Cupps says. For instance, Nessus might identify a few thousand possible weaknesses, but Core Impact zeros in on the 100 or so most critical exploits.
When vulnerability-assessment tools pick up a weaknesses in any of Sappi’s 2,000 desktops or 600 servers, Cupps checks the results with Core Impact to make sure there are no false positives and to determine how deeply hackers might exploit a problem. “I’ll do this on a quarterly basis, once a week for each subnet, and give the results to a systems administrator,” Cupps says.
Core Impact consolidates reporting on network exploits and presents them on a PC-based management console.
Core Impact 4.0 starts at US$2,500 for an eight-server license.
