Blog | Contact Us | Customer Portal

info@coresecurity.com | +1.617.399.6980

Solutions
- Solutions Overview
  - About Our Solutions
  - Determine Exposure to Real-World Threats
  - Perform Continual, Automated Testing
  - Assess Security Across IT Layers
  - Validate Security Controls
  - Connect Security Data to Business Risk
- Solutions by Industry
  - Government
  - Health Care
    - Respond to the HITECH ACT
    - Validate HIPAA Compliance
    - Limit Unauthorized Insider Activities
    - Maximize limited security staffing
    - Drive down Web-based Security Risks
    - Insulate Your Networks from Unauthorized Devices
    - Diminish the Impact of Social Engineering
    - Validate security investments
  - Higher Education
    - Overview
    - Assess exposure to potential data breaches
    - Insulate networks from unmanaged devices
    - Limit unauthorized insider activities
    - Drive down web-based security risks
    - Maximize limited security staffing
    - Diminish the impact of social engineering
    - Validate security investments
    - Meet compliance demands
- Solutions for Compliance
  - Validate Security Controls
  - FISMA / NIST
  - GLBA
  - HIPAA
  - PCI
  - SOX
Products & Services
- Products & Services Overview
- CORE INSIGHT Enterprise
  Security Testing Solution
  - Overview
  - How It Works
  - CSO Dashboard
  - Demos
  - Data Sheets and White Papers
  - Comparing CORE INSIGHT to CORE IMPACT
  - How to Buy
- CORE IMPACT Pro
  Penetration Testing Software
  - Overview
  - What It Tests
    - Network Systems
    - Vulnerabilities Identified by Scanners
    - IPS/IDS, Firewalls and Other Defenses
    - End Users and Endpoint Systems
    - Web Applications
    - Wireless Networks
    - Network Devices
  - How It Works
  - Features and Benefits
  - Reporting
  - What's New
  - Security Updates
  - Demos
  - Data Sheets, White Papers and Other Resources
  - Intro To Penetration Testing
    - What Is Penetration Testing?
    - Comparing Security Testing Options
    - What To Look For
    - Independent Penetration Testing Resources
    - Conducting Penetration Tests
  - Comparing CORE IMPACT to CORE INSIGHT
  - Training, Certification and Support
  - How to Buy
- CORE IMPACT Professional Services
  - Overview
  - Web Application Penetration Testing Services
  - Network Penetration Testing Services
  - Client-Side Penetration Testing Services
  - Wireless Network Penetration Testing Services
  - Benefits
  - How to Buy
- Core Security Consulting
  Services
  - Overview
  - Comprehensive Penetration Testing
  - Application Penetration Testing
  - Web Services Security Assessment
  - Source Code Auditing
  - Wireless Penetration Testing
  - Leading-Edge Technology Testing
  - How to Buy
- Demos and Evaluations
- The Research Behind Our Products
- Why Our Products are Safe
- How to Buy
CoreLabs Research
- CoreLabs Overview
- Research Projects
- Advisories
- Publications
  - Presentations and Papers
  - Journals and Magazines
  - Internet Articles
- Open Source Projects
- CoreLabs Extranet Site
News & Events
- News & Events Overview
- Events and Webcasts
  - Webcasts
  - Tradeshows
  - Speaking Engagements
- News
  - Press Releases
  - In The News
- Vulnerability Outbreak Alerts
- Reviews
- Awards
Partners
- Partners Overview
- Strategic Partners
  - Business Partners
  - Technology Partners
- Training Partners
  - CICT Training and Certification
- Using Core's Products in Your Consulting Practice
Company
- Company Overview
- Management Team
- Board of Directors
- Core Advisory Board
- Customers
  - Success Stories
- Careers
- Contact Us
Blog
Customer Portal

Do you know if your critical
assets are exposed?

We do.

Our security test and measurement solutions continuously identify and prove real-world
exposures to your most critical assets.

Introducing CORE INSIGHT Enterprise:

The First Continuous, Real-World
Security Testing Solution

- Precisely measure if critical assets are exposed to breaches.
- Reduce security data volume and identify exposures that matter.
- Verify security controls and threat readiness.
- Answer the question, "Are we more secure than yesterday?"

How does our penetration testing software
measure up according to SC Magazine?

"Power, flexibility, ease of use ...
this one has it all ... Core Impact
becomes our benchmark."

Welcome to Core Security Technologies

Core Security Technologies offers the first and only real-world approach to security testing and measurement. By replicating actual threats across the enterprise, our solutions reveal where and how attacks can access your most important information.

Get real visibility. Get real validation. Get real metrics.

Security Executives
Professional Security Testers
Small & Medium Businesses

Security Executives

Continuous, automated security testing with the CORE INSIGHT Enterprise solution:

Proactively identify real-world exposures in specific critical assets.

Delegate security assessments and improve staff efficiency.

Validate the effectiveness of security controls enterprise-wide.

Learn about CORE INSIGHT Enterprise

Professional Security Testers

Commercial-grade penetration testing with CORE IMPACT Pro software:

Pinpoint exploitable web applications, networks, endpoints, end users and
WiFi.

Take control of real-world, user-guided attack and pivoting capabilities.

Prioritize vulnerabilities with no false positives.

Learn About CORE IMPACT Pro

Small and Medium Businesses

Our experts conduct penetration tests on your terms with IMPACT Professional Services:

Web application, network, endpoint, end user and WiFi testing services

Clear reports of proven exposures + remediation recommendations

Ad-hoc or scheduled engagements

Learn About Professional Services

Latest News View all

Mar 29

Leading Industry Analyst Recommends Penetration Testing

Mar 23

Core Security Executive to Testify Before Senate Committee on Efforts to Secure Critical Infrastructure

Mar 17

Core Security Partners with Canadian Testing Specialists

Mar 10

Core Partners with NT Objectives to Deliver Integrated Security Test & Measurement and Web Application Scanning to Enterprises

Mar 04

Top Layer Selects Core Security’s CORE IMPACT Pro to Verify Network Intrusion Prevention System Protection

Mar 02

Core Security President and CEO Mark Hatton Spotlights Growing Market for Security Test & Measurement at the Montgomery Technology Conference

Feb 28

Core Security Receives Five-Star Product Review from SC Magazine for CORE IMPACT Pro v11

Feb 10

Core Security RSA Conference Week Activities Highlight Security Test & Measurement from the Front Lines to the Board Room

Feb 02

Presidential Advisory Commission on Cybersecurity Recommendations Point to Security Testing as a Key to Validating and Improving Cybersecurity

Jan 31

Core Security Technologies Discovers Vulnerability in Cisco WebEx Conferencing Applications

Advisories & Security Updates

Security Update: VLC Media Player AMV File Memory Corruption Exploit

Security Update: VLC Media Player NSV Memory Corruption Exploit

Advisory: VLC Vulnerabilities handling .AMV and .NSV files

Security Update: Adobe Flash Player SWF File Uninitialized Memory Exploit

Security Update: Microsoft NET Runtime Optimization Service Privilege Escalation Exploit

Security Update: Microsoft .NET Runtime Optimization Service Privilege Escalation Exploit

Security Update: Phoenix Project Manager wbtrv32 DLL Hijacking Exploit

Security Update: Blackmoon FTP Server PORT DoS

Security Update: Microsoft Windows Hyper-V VMBus Vulnerability DoS (MS10-102) Update

Security Update: Microsoft Windows Media Player DVR-MS Memory Corruption Exploit (MS11-015)

Security Update: CA ARCserve D2D Apache Axis2 Default Credentials Remote Code Execution Exploit

Advisory: ZOHO ManageEngine ADSelfService multiple vulnerabilities

Advisory: Cisco WebEx .atp and .wrf Overflow Vulnerabilities

Advisory: Symantec Intel Handler Service Remote DoS

Advisory: Multiple vulnerabilities in BugTracker.Net

Advisory: Landesk OS command injection

Advisory: Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch

Advisory: LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form

Advisory: MS OpenType CFF Parsing Vulnerability

Advisory: Microsoft Office HtmlDlgHelper class memory corruption

From our Blog View all

Apr 04

Mirror Mirror on the Wall

Mar 31

Pick an Access Point, any Access Point: Assessing Man-in-the-Middle Threats Over WiFi

Mar 30

Why Limit Yourself When Penetration Testing?

Mar 28

Mobile Risk Management in the Age of 4G

Mar 24

Fun with SQL Injection Penetration Testing in CORE IMPACT Pro

Mar 21

Focusing on the Spirit of NIST’s Guidance for Continuous Monitoring

Mar 18

Stopping to Smell the Updates: CORE IMPACT Pro Exceeds 100 Updates YTD

Mar 11

Addressing the Inherent and Inherited Risks in Cloud Computing

Mar 04

Shrugging and Eye-Rolling Is Not a Cloud Security Verification Strategy

Feb 23

Behind the Curtain: A Journey into Reversing the Hyper-V VMBus Exploit (MS10-102)

CORE ON CAMERA