Core Security, which was acquired by Courion Corp. last December, is a predictive security intelligence company that offers two software-based products in the vulnerability management tools space: Core Insight and Core Impact. Core Insight is the focus of this article, as Core Impact focuses more on penetration testing.
Many organizations use more than one vulnerability-scanning tool in an attempt to catch issues that a single scanner might miss. Depending on the strength of the scanner engine and scope of the scan, the output from even a single scanner can produce large volumes of data from which vulnerabilities must be identified and prioritized.
Core Insight is a vulnerability-scanner-agnostic product aimed at enterprises that takes output from one or more scanners from various scanner vendors and then provides a single view into vulnerabilities across an organization. In many cases, Core Insight can reduce a list of thousands of vulnerabilities to less than 100 high-priority issues that must be addressed first.
Core Insight uses modeling, as well as attacker-like simulations and tests, to help security professionals determine the most likely threats to their data and other business assets. An administrator can determine paths an attacker may take across an infrastructure to gain access to servers and resources. Modeling scenarios let an administrator consider all exploits, including malware -- in the wild -- private and many others, as well as Core Security and Metasploit exploits. Using this framework, Core Insight can relate vulnerabilities to uptime and many other metrics.
Another important feature is the product's centralized asset repository; Core Insight uses a centralized single-instance asset store that's designed for fast queries and data analysis. The asset store can sort the vulnerability data by attack vector, CVE and other criteria.
The Core Insight dashboard is ideal for administrators and C-level execs alike, displaying several views, such as an asset tree map; a summary of vulnerabilities by location, risk -- high, medium, low -- and priority change; as well as a security posture trend graph; emerging threats summary; and more. An administrator may perform real-time exploit matching or create a campaign that allows for vulnerability tracking and security changes over time.
Several top vulnerability scanners are supported out of the box with Core Insight, including McAfee Vulnerability Manager -- which has been moved to end of life -- GFI LanGuard and others.
Core Impact is a penetration-testing application that also integrates Nmap for vulnerability scanning. Core Impact Pro is available through Core Insight.
Pricing, licensing and support
The Core Insight vulnerability management product is sold as a perpetual license, which costs about $50,000, with an additional licensing fee based on IP address counts. Volume licensing kicks in, so as the number of assets increases, the cost per asset is reduced. Core Insight sales reps build a customized quote for each customer. A flat annual subscription is not available. Customers also incur a 15% attach rate for services, such as implementing the service for customers on premises.
Core Impact Pro is sold as an annual subscription or as a perpetual license -- with 12 months of maintenance and support. The unlimited version for the annual subscription costs $35,000. The perpetual license costs $60,000, plus 18%, with annual recurring costs averaging around $10,800.
Support is available from 7 a.m. to 7 p.m. local time, Monday through Friday, via the web, email or by phone. Customers can also use the online forum, and they can take free web-based training sessions on company products. Core Security has an internal escalation process that tackles priority issues when needed at no additional cost.
Editor's Note: Core Security recently changed the name of Core Insight to Core Vulnerability Insight.
In part one of this series, learn the basics of vulnerability management tools
In part two, read about enterprise use cases for vulnerability management
In part three, discover the purchasing criteria for vulnerability management tools
In part four, compare the leading vulnerability management products on the market