Core Security Technologies

Core Security Technologies is the leader in commercial-grade penetration testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk, and assure security effectiveness. The company's CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, email users, web applications and wireless networks against complex threats. All CORE IMPACT security testing solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups.

Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at

Our Website:

Latest Content From Core Security Technologies

Whitepaper: 11 Ways to Comply with Federal Information Systems Security Requirements

by Core Security TechnologiesApr 28, 2010

In this white paper, government agencies learn about new provisions added to the Guide for Assessing Controls in Federal Information Systems (NIST SP 800-53A), and how a new commercial software tool addresses these provisions with penetration testing that identifies and assesses critical vulnerabilities existing across networks, endpoints and web applications.

Whitepaper: 6 Best Practices for Government Agencies to Secure Cyberspace

by Core Security TechnologiesApr 28, 2010

The Center for Strategic and International Studies (CICS) report recommends broad adoption of penetration testing across the federal space, and greater use of vulnerability and exploit testing to improve the nation�s cybersecurity standing within several different contexts.

This white paper outlines the key CICS recommendations and identifies a commercial software solution and services that address each of these key issues.

Webcast: How Cyber Terrorists are Exploiting Digital America

by Core Security TechnologiesFeb 09, 2010

Core Security Technologies is pleased to invite you to download this on-demand webcast highlighting the continued emergence of targeted threats aimed at government IT assets and agencies.

You�ll gain insight into the rapidly changing government cyber-security landscape from Tom Kellermann, Core Security VP of security awareness; chair of the Threats Working Group on the CSIS Commission on Cyber Security for the 44th Presidency; witness for the Senate Homeland Security and Government Affairs Committee on matters of federal policy reform; and former senior member of the World Bank Treasury Security Team

Tom�s presentation underscores vitally important issues of national cyber-security including:

- The rise of targeted attacks on government IT systems, applications and infrastructure
- Participation in attacks by nation state-backed groups, organized criminals and terrorists
- The use of trusted inter-agency and contractor relationships to circumvent IT defenses
- The ability of agencies to more effectively manage risk via proactive vulnerability management
- The need to conduct red team penetration testing exercises to unearth specific points of risk
- You�ll also learn how proactive penetration testing and internal �red team� exercises can help your agency prepare for, prevent and respond to electronic attacks.

Download this webcast today and begin improving your security strategy immediately. �

Whitepaper: Implementing Critical Controls for Federal Information Security

by Core Security TechnologiesApr 28, 2010

The release of the 2009 Consensus Audit Guidelines (CAG) outlines the need for federal cyber-security controls that are tacitly proactive and can �inform defense� of actual attacks that have compromised systems, or those that could transpire to do so.

This white paper explores specific directives of the CAG, and highlights a commercial software application that arms government agencies and their private-sector partners with the tools to perform ongoing penetration testing of web applications, network systems, endpoints and email users, and to simulate both external and internal attacks, including the ability to carry out testing over wireless networks.