Tool tests for phishing-attack gullibility

Tool tests for phishing-attack gullibility

Core Security vulnerability-assessment tool simulates attacks

Do your company's employees seem like easy dupes for e-mail phishing attacks and other scams? A vulnerability-assessment tool from Core Security Technologies lets you set up automated tests to find out.

Impact 7.0 lets you set up automated spear-phishing attacks and other types of e-mail-based threats, record how targeted users react to the bait, and collect the results in reports for review. It also can check users' desktop applications for vulnerabilities and need for patch updates.

"With Impact, you can model a spear-phishing attack, and find out which users will click on embedded e-mail that fools them with a 'You've won a vacation prize,'" says Will Aguilar, senior product manager.

The vulnerability-assessment tool's Client-Side Rapid Penetration Test offers a selection of templates to set up simulated social-engineering attacks, including a hidden Trojan horse that users might be duped into installing.

The social-engineering testing component augments Impact's vulnerability-assessment capabilities for server and desktop applications and operating systems.

Impact 7.0, expected to ship by the end of August, starts at US$25,000.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Industry Events

24 May
ARN Exchange
20 May
View all events