Core Security Announces IMPACT 3.0 Penetration Testing Framework

Strategic security solutions developer Core Security Technologies, announced CORE IMPACT 3.0 – the new release of their penetration testing framework. Designed to replace expensive, time-consuming manual penetration testing with the state of the art automated penetration testing, CORE IMPACT enables real-world attacks on IT assets and presents analysis of information security risks in one comprehensive application.

Key new features in CORE IMPACT 3.0 include:

• Macro-building capability. Penetration testers can now build macros that sequence modules, and the results of one module can trigger the next appropriate module automatically.
• Client-side Exploits. Penetration testers can now compensate for the typical server-side focus of manual pen tests by using new exploits to pinpoint software risks on workstations.
• Automatic Updating of Modules. Penetration testers can receive automatic updating of modules and exploits, along with product updates, from the IMPACT 3.0 menu, ensuring that they are always up-to-date with the latest in professionally developed tools for assessing security risk.
• Scalability for Enterprises. Penetration testers can design tests that attack over 10,000 targets in their IT environment, as verified in beta tests in enterprise networks.

Max Caceres, Product Manager for IMPACT said: “CORE IMPACT is the culmination of our six years’ experience providing penetration testing services and building analysis tools for customers. The 3.0 release is squarely aimed at meeting our customers’ need to deploy their personnel wisely on information security analysis and cut costs. IMPACT 3.0 leverages personnel by offering both a GUI for junior staff and advanced functionality for programmer types, but yields actionable results that the whole IT organization can use for decision support in prioritizing security risks CORE IMPACT has exposed.”