13 December, 2006

A visit to CORE

Mike has a post up about our visit to CORESecurity last week. Anyone who has read me for the last several months knows (to use Mike's phrase) I drank the Core kool-aid a long time ago. I have probably already burnt my fuel plugging them, so I will let Mike do some of the plugging for me.

Argghhh, I can't help myself.

I used it for several years, including time I spent as a pen tester at an organization that did dozens of companies, including large financials.

They have a great product, and if you are a pen tester and not using it then you either:
  • Haven't actually looked at what they have
  • Are arrogant, think you know better than everyone else how to pen test, and are ignorant of how much time and money you can save per test while at the same time improving consistent quality, and are therefore probably stiffing your customers
  • Think it is cost prohibitive and have not talked to them about the options
  • Are new to the game and think Metasploit is the cat's meow, or that running a Nessus scan by itself is actually pen testing
  • Just have never heard about it

It has a place inside a non-pen-testing organization or normal IT shop as well:

  • Improving credibility while pointing out vulnerabilities to sysadmins
  • Providing CYA because of its detailed logging of what it does
  • Impressing the hell out of executives in IT and the business alike
  • Eliminating false positives from vuln scans
  • As part of a simplified process to ensure visibility of internal and cross-boundary (read firewalls/DMZ/segmentation) weaknesses (SCADA!!!)
  • To pen test yourself for less cost (you can do it monthly, even in large companies)

I have used it on Automated Control systems (SCADA) without causing any problem, including Honeywell, ABB/Rockwell, Siemens and Emerson (with proper notification and management of change, of course).

OK, blatant plug finished. Hey, if something works and has helped me, I like to tell others.
