Narrowing the list of critical vulnerability data by up to 90 percent allows security teams to focus remediation efforts on the most critical business risks, significantly improving their efficiency and overall security posture.
The Core Attack Intelligence Platform helps security professionals by combining the capabilities of Core Security Consulting Services, Core Impact Pro and Core Insight. The company’s patented attack path planner enables security professionals to associate known threats, vulnerabilities and attack patterns with security and network data to identify potential attack paths to critical business assets – narrowing the scope from what is possible to what is most likely.
What’s new in the Core Attack Intelligence Platform:
Expanded and configurable attack path planning - Attack path planning is expanded to include private, theoretical, virus and malware exploits in addition to Core Security and Metasploit exploits. The attack path planning results can be customized using various filters such as network connectivity, location, and potential business impact to help organizations prioritize known attack paths according to their own risk criteria.
Distributed penetration testing - Organizations that are distributed across geographic locations are now able to execute penetration tests from a remote location, no matter where the target system resides, eliminating the need to be physically present to perform validation tests.
Protection against the consumerization of IT – The Core Attack Intelligence Platform added enhancements to two major vectors affecting IT: mobile and Wi-Fi. The new platform provides an Android agent and also offers support for Wi-Fi Pineapple Mark V devices, enabling customers to exploit mobile vulnerabilities, as well as execute more sophisticated man-in-the-middle attacks.
“The Core Attack Intelligence Platform helps us cut through the noise, identify the most significant vulnerabilities and take risk-appropriate action,” said James Manint, chief information security officer at CB&I. “It paired seamlessly with our existing infrastructure. We’re still using our scanners, but we’re no longer overwhelmed by thousands of vulnerabilities after every scan. We’re focused on closing gaps where it matters.”