CORE Security’s enhanced CORE Insight provides unified threat validation and prioritisation

CORE Security, a leading provider of predictive security intelligence solutions, announced a major enhancement to CORE Insight Enterprise that provides IT security professionals and leaders with the ability to identify critical exposures to their infrastructure and – for the first time – link them to the actual risk to the business. A real-time security intelligence platform, CORE Insight provides unified threat validation and prioritisation while feeding key analytics to the security ecosystem. Additionally, CORE Insight enables organisations to improve IT security, optimise budgets, increase efficiency of security operations, and predict threats without disrupting operations.

 “Security experts are constantly looking for ways to streamline and automate as many processes as possible to stay on top of a difficult threat landscape.  Right now there is too much disparate data for these security experts to process and analyse”, said Charles Kolodgy, research vice president, Secure Products, IDC. “By offering scanning, simulation, reporting and vulnerability remediation in Insight 2.0, CORE Security has taken a major step in delivering a single platform that provides actionable intelligence.  As important, the solution allows for the communication of security risk in a language the business understands.”

 With version 2.0, CORE Insight now offers a comprehensive set of vulnerability management capabilities – including integrated network and web application vulnerability scanning; attack planning and simulation; threat replication; dashboards and reporting; and vulnerability remediation – on a single platform. CORE Insight 2.0 offers customers access to bundled network and web vulnerability scanners, including nCircle and NT OBJECTives (NTO), in addition to the ability to import and interact with data from other leading scanning solutions. Users now have the capability to schedule and manage scans directly from within CORE Insight.

Leveraging imported scan data, CORE Insight combines patented artificial intelligence developed by CORE Labs with proactive security assessment capabilities to:

• Reveal attack paths that leverage vulnerabilities identified by network and web application scans
• Simulate and/or replicate attacks targeting the vulnerabilities across network, web and endpoint vectors
• Proactively identify critical threats in need of remediation
• Deliver security data in business context, enabling clearer risk understanding and prioritisation 
• Provide remediation information and track the efficacy of remediation efforts

New enhancements that address customer challenges, streamline vulnerability management processes, reduce associated costs, and improve overall security

Integrated network and web vulnerability scanning

• Challenge addressed: Disparate, underutilised and disconnected vulnerability management tools
• Benefit delivered: Time savings and reduced costs via vulnerability consolidation and validation through a single vulnerability management interface

Streamlined workflow for vulnerability management processes

• Challenge addressed: Time- and resource-intensive vulnerability management data correlation and validation
• Benefit delivered: Actionable data to inform  better decision making for increased efficiency and effectiveness – and the ability to customise security intelligence efforts to including scanning, simulation, testing, remediation, tracking and reporting

Multi-vector threat analysis

• Challenge addressed: Significant time wasted in manually consolidating, analysing and interpreting siloed, vector-specific vulnerability data
• Benefit delivered: Deep understanding of an organisation’s total risk profile based on how criminals would exploit and traverse paths of vulnerabilities across web applications, network systems and client-side infrastructure

Grouping of users, targets and campaigns

• Challenge addressed: Inaccurate or non-existent reporting of security metrics to business leaders resulting from lengthy gaps between vulnerability identification and threat remediation
• Benefit delivered: A standardised platform for communication with other business units; more efficient security resource delegation and decision making; and the ability to efficiently assess risks to critical business assets

Enhanced simulation capabilities

• Challenge addressed: Environments that do not permit exploit-based security testing to validate vulnerabilities and trace attack paths
• Benefit delivered: The ability to model attack paths and determine business risk without affecting production systems

  In addition, CORE Insight has been enhanced with a new graphical user interface (GUI) to improve the user experience and allow for more concise views.