WebRTC Solutions Industry News

TMCNet:  Core Security Releases New Version of Core Impact Pro [Manufacturing Close - Up]

[January 21, 2013]

Core Security Releases New Version of Core Impact Pro [Manufacturing Close - Up]

(Manufacturing Close - Up Via Acquire Media NewsEdge) Core Security, a provider of predictive security intelligence solutions, announced the release of Core Impact Pro 2013, the latest version of its vulnerability assessment and penetration testing software, that allows organizations to proactively test IT infrastructure and identify exactly where and how an organization's critical data can be breached.

According to a release, Core Impact Pro 2013 adds several new capabilities. These capabilities include CloudCypher, an online service created and managed by Core that works with Windows hashed passwords discovered by Impact during testing and attempts to determine plaintext passwords for those hashes. These obtained passwords can then be used for additional security testing. Other highlights of the release include the ability to team multiple security testers together to interact in the same workspace against the same target environment across multiple copies of Impact. In addition to these new features, Impact 2013 is supported by the company's library of more than 2,800 commercial-grade exploits and other attack techniques.

As described by the company, the features include: -Network Remediation Validation -DNS Communication Channel -Agent Redeploy -Network IG & AP Module output -Reporting enhancements Core Impact 2013's Network Remediation Validation Wizard is a retest option used for previously identified network risks that confirm the risks have been remediated appropriately and the vulnerability management cycle is closed. This feature allows a closed loop capability for the testing process. This new release of Impact has added the ability to communicate using the DNS protocol to agents deployed using a specific set of modules. As security around TCP and HTTP protocols has improved, hackers have looked at alternative data protocols to infiltrate, adding the DNS capability allows testers to use the DNS channel as well. Agent Redeploy is a new feature that allows Impact to verify whether a previously discovered vulnerability has been remediated.

Core Impact now displays rich progress information as the automated pen tests execute against target networks, allowing a user to track progress. Using this feature, Impact can now demonstrate in a user-friendly and graphical manner, exactly what is being executed in real-time. The last new addition for Impact 2013 is report selection for reporting on specific hosts needed, rather than having to run the report on all hosts within the workspace. Reports that support this capability include: -PCI Vulnerability Validation Report -Vulnerability Validation Report -Host Report -Host Based Activity Report -Vulnerability Report -Wellness Report "CloudCypher was originally developed by our internal pen- testing team to allow them to manage passwords more easily as part of a testing engagement. Adding this pen testers' tool, used for nearly ten years of testing by the team, to our next version of Impact brings huge value to our user community. This advanced capability that we'll offer as a cloud service going forward is another example of the unique features that Core, as a multi- discipline company, can bring to this market," said Milan Shah, senior vice president of Products and Engineering at Core Security. "The teaming, DNS communications capabilities, and reporting enhancements are features that our users suggested to us, and we're pleased to be able to add these feature requests to our market- leading product." Core Impact Pro is a software solution for assessing the real- world security of web applications, network systems, endpoint systems, email users, mobile devices, wireless networks, and network devices. Backed by Core Security's ongoing vulnerability research, Impact Pro allows users to take security testing to the next level by safely replicating a broad range of data breach threats. As a result, testers can identify exactly where and how your organization's critical data can be breached.

Complete details: http://www.coresecurity.com/Impact http://www.coresecurity.com ((Comments on this story may be sent to newsdesk@closeupmedia.com)) (c) 2013 ProQuest Information and Learning Company; All Rights Reserved.

[ Back To WebRTC Solutions's Homepage ]

FOLLOW US

Featured Podcasts

Delivering First Class Communications With WebRTC

This webcast captures a recent discussion about WebRTC between Jim Donovan, Director of Product Management at Oracle and Larry Hettick, Editorial Director and Senior Research Fellow at Webtorials. The topics cover WebRTC reliability, interoperability, and security--looking at how Oracle addresses these issues.

Oracle in Enterprise Communications

Most in the industry have heard of the acquisition of Acme Packet by Oracle. What you may not know is that Oracle has a number of telecommunications products including a UC suite, WebRTC Session Controller, and Operations monitoring tools. Oracle is pursuing both the enterprise and service provider.

Featured Whitepapers

ConnectCare & Unified Contact Manager

SPAN's ConnectCare is a WebRTC-based telemedicine app, which allows consumers to easily and instantly avail clinical healthcare from the providers, regardless of their location. This app is extremely useful to healthcare providers, patients and their caregivers alike.

WebRTC Security Concerns

This whitepaper covers two of the most relevant topics in communications industry today: WebRTC and security. We will introduce the problem of security in WebRTC including those traditional VoIP attacks that are going to be present in WebRTC services. Later we will mention ad-hoc WebRTC attacks and protection mechanisms, to close with an overview of identity management solutions.

Migrating Real Time Communications Services to the Web

In the Internet age, businesses that own fixed and mobile communication networks, including traditional Communications Service Providers (CSPs) of all kinds, are being challenged with some tough questions: How do we stay relevant to our customers?

Delivering Enterprise-Class Communications with WebRTC

WebRTC is an emerging industry standard for enabling Web browsers with real-time communications capabilities. It enables enterprises to enhance Web sites, empower BYOD users, and improve video collaboration and on-line meetings, to name but a few examples.

WebRTC Report Extract Reprint

This document examines the growing important of WebRTC, both generally and for telecom service providers. It considers the expanding range of use-cases, the multiple layers of interoperability likely to be desired by telcos, and some implications in terms of network integration and mobility.

WEBRTC SOLUTIONS PAPERS, SLIDES, COLLATERAL

Robust Enterprise Grade WebRTC Systems and Services


The emerging WebRTC standard has become one of the industry's hottest topics – and with good reason. Being able to "communications enable the web" has Communications Service Providers as well as Enterprises busily making plans for deployment. But, as these plans unfold, reality is starting to intrude on those plans. Our expectations of telephony services are much higher than web browsing. We expect the phone to connect instantly, operate with minimal disruption, and work seamless across any network, anywhere, at any time. There is also an understanding that phone service is inherently secure. With WebRTC, the expectation is for these applications to behave in the same manner.

This session looks at the user experience and expectations of a WebRTC Enterprise service. It will also cover how a WebRTC enterprise handles security, reliability, and interoperability within browsers and networks.

ORACLE COMMUNICATIONS WEBRTC SESSION CONTROLLER

The Oracle Communications WebRTC Session Controller enables communications service providers (CSPs) and enterprises to offer WebRTC services – from virtually any device, across virtually any network – with carrier-grade reliability and security.

Sales Presentation: Oracle Communications WebRTC Session Controller

Agenda:
- WebRTC Market and Opportunities
- WebRTC Challenges
- Oracle Communication WebRTC Session   Controller
- Summary

ORACLE COMMUNICATIONS WEBRTC SESSION CONTROLLER SOLUTION

Communication Service Provider (CSP) voice service revenues continue to face pressure due to shifts in communication preferences and competition from non-traditional service providers. Voice communications are now often embedded into applications outside the domain of traditional telephony voice usage. CSPs have been challenged to effectively leverage and monetize new web-oriented communications technologies.