Core Security Technologies set to roll out new security testing software that will allow security consultants to use the product's automated penetration testing engine to exploit vulnerabilities and test results.
Penetration testers and security services firms big on leveraging open source tools alongside their full arsenal of security tools will get a boost from the security testing software developed by Core Security Technologies starting in April.
Core announced last week that it will soon offer a full integration of its Core Impact Pro penetration testing software with the popular Metasploit exploit framework. A product of the open source Metasploit Project, the Metasploit Framework has been shepherded by security researcher H.D. Moore since 2003. Designed to offer researchers a more automated tool to develop and execute exploit code against vulnerable systems, Metasploit has since grown to be an invaluable tool for both white hat and black hat hackers intent on compromising targeted machines.
Meanwhile, Core Impact Pro is known throughout the security services channel as one of the most comprehensive commercial automated penetration testing tools on the market. According to Chris Nickerson, CEO of Lares Consulting, the marriage between Impact Pro and Metasploit marks a new era for penetration testers and those with security practices such as his."The most reliable commercial tool blended with the bleeding edge research of the open source community will surely be a hit,” he said.
The new integration will be made available with the next version of Impact Pro, which Core says it expects to deliver through the channel in April. The integrated features will allow security consultants to use the product's automated penetration testing engine to exploit vulnerabilities and then launch Metasploit's db-autopwn module in order to add Metasploit test results to Impact Pro's results. By bringing that Metasploit information into the Impact environment, Core hopes to cut down on the training and expertise necessary to analyze Metasploit reports.
Similarly, users who leverage Metasploit to compromise a system during testing can now deploy a new Impact ProAgent to launch the software's penetration testing capabilities from the compromised system and use the appliance for in-depth attack replication. The user can then pivot penetration tests to other systems. “By offering professional testers and security staff greater ability to centralize their assessments and incorporate their
Metasploit efforts into their Impact Pro deployments, we feel that we’re providing the market with an expanded opportunity to carry out even more inclusive and valuable penetration tests,” said Fred Pinkett, vice president of product management at Core Security.
about 13 hours agoPutting a Channel Face on the Cloud - Amazon, Google and others may leverage the channel to compete more aggressivel... http://t.co/RUeo9iT5
May 22nd 10:41 PMExpanding the Reach and Scope of Desktop Virtualization - VMware moves to acquire Wanova - VMware has set out to ... http://t.co/Ad020fhT
May 22nd 8:58 PMConsidering the IBM Watson Possibilities - IBM looks to the channel to help find new use cases for cognitive computi... http://t.co/CAljVbac
May 22nd 8:54 AMVariations on a Cloud Storage Theme in the Channel - EMC expands focus on the cloud via a channel that is wrestling ... http://t.co/MORSpkkb
May 21st 10:43 AMRightsizing the Cloud Service Provider - Cloudbursting will alter the way the channel thinks about cloud computing i... http://t.co/eZ33qdKE
May 17th 6:39 PMThe Future of IT Services - Automated managed services are transforming the way IT services are delivered - Histo... http://t.co/w4zvAS8u
May 17th 12:39 PMRising to the Cloud Application Management Challenge - BetterCloud previews management tool for Google Apps environm... http://t.co/KzhO7FlP
May 16th 11:00 AMPlaying the IT Services Name Game - HP expands ability of partners to deliver branded services as part of effort to ... http://t.co/XU3QOnKz
Start the New Year with business intelligence—it’s a smart move
Join us on February 1 for an encore rebroadcast at either 5 am or 12 noon EST and discover how business intelligence (BI) supports companies in uncertain business and economic climates. Get expert advice on how to create a strategy that fits your organization's needs and budget and see how quickly it can pay for itself. Click Here
Managed Services 
