Core Security Technologies has launched the latest version of CORE IMPACT Pro V8.

 

The new version introduces cross-site scripting and blind SQL injection modules that are designed to help address current major security risks.

 

It is designed to enable security staff to safely replicate sophisticated, real-world attacks that reveal exploitable weaknesses in complex web applications, giving developers the information they need to mitigate critical vulnerabilities.

 

It also features the new Delta Report, which tracks and compares test results over time, providing an ideal way for customers to present the progress of vulnerability management initiatives. Users can also schedule regular testing of the network and endpoint, as well as manage large-scale testing that can sort, filter and select target systems.

 

Charles Kolodgy, security practice director at IDC, said: “With attackers unleashing a constant barrage on corporate networks, endpoints and ubiquitous applications, organisations have found that the best way to rapidly improve their IT security posture is to conduct proactive penetration testing on a regular basis.

 

“By uncovering exploitable vulnerabilities across a wide range of potential threat vectors, organisations can move quickly to plug existing security holes before their IT infrastructure is compromised.”

 

Fred Pinkett, vice president of product management at Core Security Technologies, said: “Lots of people out there are doing lots of scans but no one is doing testing and penetration testing. A lot of people in penetration testing are hiring services and expertise that they may only do a few times a year, so they are doing testing but not understanding their risk profile.


“They are testing the security system from a holistic point of view, as well as trying to write good applications – is this an investment in security that is giving you what you want? People are being tested every day by hackers, but are they testing themselves?”