LC Networks Communication

New Release - Core Impact 18.1

2018-03-15

It is our mission to continue to produce the most effective and efficient security products and services on the market. Today, I am happy to announce the release of Core Impact 18.1, our market leading penetration testing solution – where we put the focus on enabling user-testing and social engineering.

With this release, we’ve put the focus back on the user, or “client-side” testing, as email is the number one delivery method for most malware. Globally there has been a spike in phishing attacks since 2016. Due to this spike, it became apparent that we needed to ensure Core Impact could help train and enable users and businesses to be prepared for this increase in social engineering-based attacks.   

Core Impact 18.1 is full of some exciting new features such as:

  • Dynamic Credential Capturing – The goal of most phishing attacks is to get users to provide credentials for attackers to find a pathway into an organization. Before, cloning webpages was a way to replicate the real webpage – but became troublesome when it came to time, cost, and real-ness. Now, this feature introduces a more modern and less resource intensive way to display websites for credential capture without having to clone a page and can support webpage chaining to simulate more realistic webpage rendering.
  • Temporal Agent Enhancements – This is an enhancement from the prior release of Core Impact 2017 R2. Now, you can more granularly set self-destruct timeframes for agents, using both global and per-agent expiration settings, such as at the product-wide level, the workspace level, or for each individual module or RPT. Because of this, you will no longer have to worry about missing an agent during clean up.
  • Updated Status View & New Auto-Tagging Feature for Phishing Attacks – This redesign improves real-time module output and introduces an auto-tag feature for easier re-testing. This allows for you to have results at the ready so that additional testing can be simplified.

Further updates you will have access to in this release are:

  • Re-Designed Testing Workflows – Streamlined and intuitive workflows to help increase efficiency and effectiveness of testing.
  • Import New Email Templates – Use your own email templates or easily create and import new ones, no need to be an HTML master.
  • Updated Default Email Templates – Updated some existing templates, removed outdated ones, and created new ones so that you can be immediately effective with your testing
  • New Phishing Wizard – This wizard was buried under another RPT wizard and was difficult to find. We’ve since extracted and made it available by itself with a dedicated workflow.