Core Impact Professional
February 01, 2013
Core Security TechnologiesProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Powerful penetration testing and vulnerability scanning with a lot of automation options
- Weaknesses: Nothing that we found
- Verdict: Typical Core Security quality. We’ve used this product extensively and never been disappointed. Best Buy
The people at Core Security are at it again. We found this version of the product to contain more automation, more wizards and more options than previous versions we have tested. For those that are unfamiliar with this tool, Core Impact is quickly becoming the standard in penetration testing and vulnerability scanning. It features many types of penetration tests, including network-based and remote host-based, as well as many other tools, including Wi-Fi network and web-based penetration tests.
When we first saw this solution a few years ago, it was small and simple to install. Installation took just a few minutes and was run from an executable installer. As the solution has grown over the years, it has gained a lot of functionality, but it is still just as simple to install and use. The installation package, as well as the decryption key needed to open it, was delivered as a download via our email. Once we downloaded the installer and decrypted it using the decryption key, we were taken through a short installation wizard to configure some basic settings for installation - and that was it. The installer took care of implementing all of the necessary components, including Microsoft SQL Server Express and the Crystal Reports engine.
Once installation was complete, we launched into the application and found that the interface still has pretty much the same modular layout, but with one big difference. Ready to use straightaway were quite a few wizard-based options for many types of penetration test.
Along with the many wizards and automation features, this solution has come a long way over the years in vulnerability scanning. When Core Impact was in its early stages, it was basically a penetration tool and not much more. That has changed significantly. It can now run vulnerability- and risk-based assessment scans, as well as validate results from many other scanners by taking the logs and outputs of those scanners and comparing them with its results. This offers - from one application - a full overview of the entire network security posture.
Documentation included a full PDF user guide, as well as a couple of supplemental reference guides. The user guide covers the product from installation through advanced use. We found this to include many screenshots along with easy-to-follow instructions and descriptions on how to use the various product features. A module reference guide features in-depth descriptions of exploit modules, as well as many integration options and operations.
Core Security offers both standard and premium support to customers with Core Impact Professional. Standard support is available at no additional cost and includes 12/5 phone- and email-based technical assistance, along with access to a customer portal that includes resources, such as a knowledgebase, user forums and user-training materials. Premium assistance offers all of this, but phone- and email-based help is available 24/7/365. This aid level requires the purchase of a plan with an annual cost of £2,250.
With a price tag of £25,000 for the software, this offering may seem quite pricey. However, we find it to be excellent value for the money based on its solid ease of use, powerful penetration and vulnerability assessment tools, and overall automation.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry