All too often, IT shops realize their weaknesses only after they’ve been hacked. Fortunately, Core Security Technologies has a solution: Hack yourself before others do.
The company on Tuesday introduced Core Impact v7.5, the latest version of its security analysis and testing tool. The update adds new features that let users attempt to breach themselves to see how far the rabbit hole goes.
The hallmark of the Impact line in past versions has been automated penetration testing. But the latest version goes after network security penetration by breaking unsecured Web applications to see how far hackers can get once they have broken through your outer walls.
All of this is done without damaging the system.
“We want to make sure you prioritize and fix problems that are real and not fixing a false positive,” Susan Challenger, vice president of marketing for Core, told InternetNews.com. “Organizations have hundreds and hundreds of existing Web apps, many of which were built long before security was part of the development cycle. You can’t justify rewriting all of them but you know you have to go back and look for potential problems.”
Because most Web apps are custom built, there’s more variation, which requires greater variation in simulated attacks. Impact 7.5 lets the attack be customized on the fly while trying to break the security, and focuses on two types of attacks: Remote File Inclusion (RFI) and SQL Injection.
In both cases, Impact first analyzes pages to see which may be vulnerable to attack. It then generates SQL Injection and RFI attacks based on those results to prove whether the vulnerabilities pose actual threats.
Once inside a network, the Impact agent then behaves just as a hacker might once a system is compromised, exploiting the trusted status it has and probing the system until it finds valuable information or devices. At the same time, Impact is generating a report showing how far it’s successfully penetrated the network.
Core Impact v7.5 will be available within 30 days.