Tool tests for online gullibility

Do your company’s employees seem like easy dupes for e-mail phishing attacks and other scams? A vulnerability-assessment tool from Core Security Technologies lets you set up automated tests to find out.

Impact 7.0 lets you set up automated spear-phishing attacks and other types of e-mail-based threats, record how targeted users react to the bait, and collect the results in reports for review. It also can check users’ desktop applications for vulnerabilities and need for patch updates.
“With Impact, you can model a spear-phishing attack, and find out which users will click on embedded e-mail that fools them with a ‘You’ve won a vacation prize,'” says Will Aguilar, senior product manager.

The vulnerability-assessment tool’s Client-Side Rapid Penetration Test offers a selection of templates to set up simulated social-engineering attacks, including a hidden Trojan horse that users might be duped into installing.
The social-engineering testing component augments Impact’s vulnerability-assessment capabilities for server and desktop applications and operating systems.

Impact 7.0, expected to ship by the end of August, starts at US$25,000.

Comment: [email protected]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.