
CORE IMPACT Pro

Endpoint Security Testing

PUT YOUR ENDPOINT SECURITY TO THE TEST


It’s clear that direct, email-based attacks on employees and contractors pose one of the greatest
threats to information security today. Once compromised, end-user workstations not only expose local
data to cybercriminals, but also can provide them with access to other, more sensitive systems on the
same network.

CORE IMPACT Pro makes it easy for you to frequently assess your organization’s susceptibility to phishing, spear phishing and other social engineering techniques. Using IMPACT Pro’s Client-Side Rapid Penetration Test capabilities, you can safely replicate real-world email-based attacks that test end-user security policies and identify systems requiring patches and other updates. Each test is backed by comprehensive reports that can assist with compliance initiatives and help you pinpoint ways to strengthen data security.

Quickly identify social engineering targets

Social engineering attacks target end-user computers otherwise protected by perimeter defenses. The user must therefore inadvertently expose their computer to attack by clicking on an email link or opening an attachment – or sometimes simply by opening or previewing the email message itself. In the cases of phishing and spear phishing, this begins with acquiring an email address. IMPACT Pro offers a number of modules for gathering email addresses from your organization, including:

• Crawling a website to harvest addresses published on the site
• Leveraging major search engines to locate addresses for a given domain
• Finding addresses in PGP and Whois databases

You can also enter or import your own list of email addresses to test.

Safely emulate phishing and spear phishing threats

With IMPACT Pro, you can either test email-user security awareness by replicating realistic phishing attacks or conduct transparent assessments of client-side security without social engineering. The product includes sample email templates that mimic common phishing threats, and you can create your own custom spear phishing emails that leverage inside knowledge of your organization. IMPACT Pro also takes care of sending the email, giving you options such as selecting an SMTP server or spoofing a specific “from” email address (e.g., the administrative account on your network).

IMPACT Pro’s extensive library of client-side exploits covers threats that target:

• Endpoint applications: e.g., web browsers, email clients, instant messaging, media players, business applications and productivity tools
• Endpoint security solutions: e.g., antivirus, anti-phishing, anti-malware, host-based intrusion detection and prevention systems
• Endpoint operating systems and services: e.g., Windows, Mac, Linux

Created in-house at Core Security by a professional team of experts, the product’s client-side exploits are Commercial-Grade – ensuring that they are current, effective and safe for your network. What’s more, IMPACT Pro’s automated capabilities allow you to test an endpoint system against multiple client-side exploits with a single click, adding efficiency and speed to security assessments.

Once you’ve successfully compromised an endpoint system, IMPACT then enables you to determine the ramifications of an actual breach with a number of post-exploitation capabilities (see sidebar).

Assess the Consequences of Successful Endpoint Attacks

With CORE IMPACT Pro, you gain indisputable evidence of the threats posed by vulnerabilities on endpoint systems. By replicating real-world social engineering attacks, IMPACT Pro allows you to see and report on the potential consequences of a successful breach:

• View the local file system and mapped drives
• Upload and download files to and from the end-user system
• Open and interact with files on the compromised system
• Gather user names and passwords from endpoint applications
• Take a screenshot of current activity on end-user’s desktop
• Harvest email addresses from mail clients
• Deploy a keylogger that tracks the user’s keystrokes
• Perform a password dump from the user’s web browser

Many of these post-exploitation modules can be run automatically after the target is compromised. You can therefore deploy phishing tests where IMPACT “listens” for email-user clicks for a period of time, automatically launches Commercial-Grade exploits, and collects evidence of successful compromises.

IMPACT Pro also enables you to assess your network’s security against multistaged attacks that leverage compromised end-user systems to target OS and services vulnerabilities on backend servers (see reverse).

Pivot to network testing and determine the risks of inside access
IMPACT Pro is the only product to integrate endpoint and network security testing, emulating the multistaged attacks that increasingly
threaten organizations today. With IMPACT Pro’s Network Rapid Penetration Test capabilities, you can leverage any compromised end-user
system as a beachhead from which to launch attacks against backend servers. This allows you to replicate not only the actions of an attacker
who gains network access via a social engineering attack, but also those of a rogue employee or contractor with legitimate network access.
As a result, you’re able to demonstrate how a single compromise can escalate to a large-scale data breach – and get the actionable data you
need to prevent such a breach.

[Figure: multistaged attack path diagram. Labels: Windows OS Vulnerability Exploited; OracleDB Vulnerability Exploited; PDF Vulnerability Exploited; IMPACT Agent Deployed]

IMPACT Pro allows you to replicate multistaged attacks that leverage compromised systems to target backend resources, revealing how chains of exploitable vulnerabilities can open paths to your organization’s mission-critical systems and data.

IMPACT Pro gives you actionable data about:
• where critical exposures lie
• what systems and data are at risk
• what steps are necessary for remediation

Audit endpoint security and evaluate security awareness programs


With IMPACT Pro, you can easily benchmark security awareness and incident response programs, as well as demonstrate ongoing
improvements in security program effectiveness for auditing and compliance purposes. You can also identify critical, exploitable vulnerabilities
that link from your organization’s endpoints to its backend systems and data.

CORE IMPACT Pro includes the following endpoint and end-user reporting capabilities:

• Client-Side Penetration Test Report: a full audit trail of each attack, including the email template sent, exploits launched, test results
(success or fail), and details about compromised systems
• User Report: a report of which links were clicked, when they were clicked, and by whom

In addition, IMPACT Pro offers a variety of other ways to document your security assessments, including visual attack path reports, delta reports,
and PCI and FISMA compliance reports -- as well as multiple network, web application and wireless penetration testing reports.

Next Steps ...

CORE IMPACT Pro also includes capabilities for testing the security of network systems, web applications and wireless networks. Want to learn more? Contact us today to schedule a demonstration:
Phone: (617) 399-6980 Email: info@coresecurity.com

Headquarters
41 Farnsworth St.
Boston, MA 02210
Ph: (617) 399-6980
Fax: (617) 399-6987
www.coresecurity.com

© 2009 Core Security Technologies and CORE IMPACT are trademarks of CORE SDI, Inc. All other brands and products are trademarks of their respective holders.
