Scribd Logo
Upload

Welcome to Scribd!

  • 23 views

    IMPACT v11 Launch Webcast

    Uploaded by

    assetire
    The document provides a preview of new and enhanced capabilities in Core IMPACT v11. It outlines plans to add penetration testing of network devices like Cisco routers, improve wireless and client-side attacks, integrate web scanners, expand web crawling and testing abilities, and add more OWASP vulnerabilities. The preview also mentions upcoming training opportunities and the release of Core IMPACT v11 and a new product, Core INSIGHT Enterprise, in December.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    IMPACT v11 Launch Webcast

    Uploaded by

    assetire
    23 views8 pages
    The document provides a preview of new and enhanced capabilities in Core IMPACT v11. It outlines plans to add penetration testing of network devices like Cisco routers, improve wireless and client-side attacks, integrate web scanners, expand web crawling and testing abilities, and add more OWASP vulnerabilities. The preview also mentions upcoming training opportunities and the release of Core IMPACT v11 and a new product, Core INSIGHT Enterprise, in December.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides a preview of new and enhanced capabilities in Core IMPACT v11. It outlines plans to add penetration testing of network devices like Cisco routers, improve wireless and client-side attacks, integrate web scanners, expand web crawling and testing abilities, and add more OWASP vulnerabilities. The preview also mentions upcoming training opportunities and the release of Core IMPACT v11 and a new product, Core INSIGHT Enterprise, in December.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    23 views8 pages

    IMPACT v11 Launch Webcast

    Uploaded by

    assetire
    The document provides a preview of new and enhanced capabilities in Core IMPACT v11. It outlines plans to add penetration testing of network devices like Cisco routers, improve wireless and client-side attacks, integrate web scanners, expand web crawling and testing abilities, and add more OWASP vulnerabilities. The preview also mentions upcoming training opportunities and the release of Core IMPACT v11 and a new product, Core INSIGHT Enterprise, in December.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 8

    Core IMPACT v11 Customer Preview

    Page 1

    IMPACT Pro Product Strategy

    Adding depth and breadth to pen testing capabilities

    Keeping up with and advancing security testing

    Broadening integration

    Helping to advance maturity in vulnerability and compliance management Furthering ties to other penetration testing and vuln mgt solutions

    Across-the-board feature, functional refinement and expansion

    Responding to customer feedback and market-driven demands

    Page 2

    IMPACT Pro v11 Preview

    New Attack Vector: Network Devices Cisco Routers


    Detect configuration vulnerabilities Exploit by changing configuration

    Wireless Man-in-the-Middle (Karma) attacks


    Enables Pro to pose as an access point Able to manipulate WiFi traffic

    Client More enhancements to phishing


    Find e-mails in files (content and metadata) Test for data leakage: phishing link can lead to an impersonated for end-users to complete

    Page 3

    - CONFIDENTIAL -

    IMPACT Pro v11 Preview

    Web Web Scanner Integration


    IBM, HP, NTO
    Leverage scanner crawling capabilities to identify pages to test Import vuln information and use to create Agents

    Web 2.0
    Crawl Javascript generated links
    Identifies dynamically generated pages to test (e.g., shopping cart)

    Recognize login forms and fill in Persistent XSS Crawl Flash objects and test for XSS
    Real-world attack would allow insertion of malicious scripts into Flash

    OWASP
    Add A6: Security Misconfiguration by testing for default accounts

    More WAF evasion Scheduled web application tests + one-step RPT


    Similar to scheduling for network and client-side tests
    - CONFIDENTIAL -

    Page 4

    V11 Demonstration

    Page 5

    - CONFIDENTIAL -

    CCC Updates

    Core Customer Portal

    https://cs.coresecurity.com Training Videos Customer Forums & more

    Reminder: CORE IMPACT training opportunities CORE IMPACT Certified Professional training courses

    2-day training courses held at your site (minimum of 5 students) or at our Boston office Basic (CICP) and advanced (CICAP) courses now available Currently enrolling for an open CICP session in Washington, DC - December 8-9 Contact your account manager for details and reservations Live WebEx sessions are held weekly

    Online Training

    email support@coresecurity.com or call +1 (617) 695-1122 to register

    On-demand webcasts are available 24/7 on the Customer Portal: http://cs.coresecurity.com Courses are available for each attack vector

    Network penetration testing Web application penetration testing Client-side penetration testing Wireless penetration testing

    CORE IMPACT v11 and CORE INSIGHT Enterprise (new product) are coming in December
    Page 6

    INSIGHT Enterprise
    Sneak Peak

    Page 7

    - CONFIDENTIAL -

    Thank You

    This recording will be available on the Customer Portal

    Additional Questions? Customer Support https://cs.coresecurity.com support@coresecurity.com Alex Horan alex.horan@coresecurity.com

    Page 8

    You might also like