Core Security Technologies

Last updated
Core Security by HelpSystems
IndustryComputer Security
Vulnerability Management
Security Consulting Services
Founded1996
Headquarters6455 City West Parkway
Eden Prairie, MN
Key people
John Racine, Identity Governance Solutions
Brian Wenngatz, General Manager
ProductsPenetration testing, vulnerability management, identity governance & administration
Parent HelpSystems
TA Associates
Website http://www.coresecurity.com

Core Security by HelpSystems is an American computer and network security company provides cyber threat prevention and identity access management software products and services, including penetration testing, network traffic analysis, threat detection, privileged access management, and identity governance The company’s research arm, CoreLabs, identifies new IT security vulnerabilities, publishes public vulnerability advisories, and works with vendors to assist in eliminating the exposures they find. [1]

Contents

In February 2019, HelpSystems acquired the Core Security products from SecureAuth. [2] HelpSystems is a global enterprise software company working in the areas automation and cybersecurity.

History

In 1996, Core Security was founded in Buenos Aires, Argentina. One year later, the CoreLabs Research group was established and published their first advisory.

Core conducted its first penetration test for a U.S. company in 1998. In the same year, Core Security was recognized as an "Endeavor Entrepreneur" by the Endeavor Foundation, a foundation that supports entrepreneurial projects in emerging markets.

In 2000, the company's first U.S. office opened in New York, NY. Two years later, Core released the first and second versions of their flagship penetration testing product, Core Impact Pro. [3]

In 2002, Morgan Stanley became a shareholder in Core, investing USD 1.5 million and retaining a seat on the board.

In 2003, the company's U.S. headquarters was relocated from New York to Boston, MA. Five years later, Mark Hatton became the CEO of Core Security. [4]

In 2009, Core adds development sites in Boston and India. One year later, Core announced the beta of its new security testing and measurement product, Core Insight.

In 2012, Core announces partnership with nCircle. [5] In the same year, Core announces partnership with NT Objectives. [6]

In 2013, Core Security is named to the 2013 Inc. 500/5000 List. [7] The firm, at the time, employed 180 people, 150 of whom are based in Buenos Aires. [8]

In 2014, Core Security Adds Intrinium to its Partner Program and extends its reach to the Pacific Northwest. [9] In the same year, Core Security announced the latest version of its Core Attack Intelligence Platform. [10] Also in 2014, Core Security won the Information Security Magazine and SearchSecurity.com 2014 Readers' Choice Awards for "Excellence in Vulnerability Management." [11]

In December 2015, Core Security was acquired by identity and access management (IAM) company Courion; [12] in May 2016, Courion rebranded itself with the Core Security name. [13]

In July 2016, Core Security Technologies acquired Damballa for $US 9 million. [14]

In 2017, Core Security merged with SecureAuth. [15]

In 2019, HelpSystems acquired the Core Security solutions from SecureAuth. [16]

On March 4, 2020, Core Security by Helpsystems acquired Cobalt Strike.

on 2022 Helpsystems, rebranded to Fortra a name more synchronous with cyber security world.

Research and advisories

According to its website, Core Security's research department, Core Labs, conducts research in system vulnerabilities, cyber attack planning and simulation, source code auditing and cryptography. Core Labs publishes security advisories, technical papers, project information and shared software tools for public use, with its researchers participating in IT security research conferences including the Black Hat Briefings. [17] [18]

See also

Related Research Articles

<span class="mw-page-title-main">SANS Institute</span> American security company

The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.

A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses, including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.

The Open Worldwide Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 - 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations.

<span class="mw-page-title-main">F5, Inc.</span> U.S. information technology company

F5, Inc. is an American technology company specializing in application security, multi-cloud management, online fraud prevention, application delivery networking (ADN), application availability & performance, network security, and access & authorization.

Software assurance (SwA) is a critical process in software development that ensures the reliability, safety, and security of software products. It involves a variety of activities, including requirements analysis, design reviews, code inspections, testing, and formal verification. One crucial component of software assurance is secure coding practices, which follow industry-accepted standards and best practices, such as those outlined by the Software Engineering Institute (SEI) in their CERT Secure Coding Standards (SCS).

<span class="mw-page-title-main">Metasploit</span> Computer security testing tool

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.

<span class="mw-page-title-main">Ivanti</span> American IT software company

Ivanti is an IT software company headquartered in South Jordan, Utah, United States. It produces software for IT Security, IT Service Management, IT Asset Management, Unified Endpoint Management, Identity Management and supply chain management. It was formed in January 2017 with the merger of LANDESK and HEAT Software, and later acquired Cherwell Software. The company became more widely known after several major security incidents related to the VPN hardware it sells.

<span class="mw-page-title-main">Fortify Software</span> American software company

Fortify Software, later known as Fortify Inc., is a California-based software security vendor, founded in 2003 and acquired by Hewlett-Packard in 2010, Micro Focus in 2017, and OpenText in 2023.


This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

<span class="mw-page-title-main">EPAM Systems</span> American technology company

EPAM Systems, Inc. is an American company that specializes in software engineering services, digital platform engineering, and digital product design, operating out of Newtown, Pennsylvania. EPAM is a founding member of the MACH Alliance.

<span class="mw-page-title-main">Entrust</span> American digital security company

Entrust Corp., formerly Entrust Datacard, provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. The privately-held company is based in Shakopee, Minnesota and employs more than 2,500 people globally.

<span class="mw-page-title-main">H. D. Moore</span> American businessman (born 1981)

H. D. Moore is a network security expert, open source programmer, and hacker. He is the founder of the Metasploit Project and was the main developer of the Metasploit Framework, a penetration testing software suite.

iViz Security Information security company

iViZ Security is an information security company which is into on-demand application penetration testing for proactive security audit risk management and compliance for standards such as SOX, PCI, HIPAA and ISO 27001:2005.

Imperva, Inc. is an American cyber security software and services company which provides protection to enterprise data and application software. The company is headquartered in San Mateo, California.

Cigital was a software security managed services firm based in Dulles, VA. The services they offered included application security testing, penetration testing, and architecture analysis. Cigital also provided instructor-led security training and products such as SecureAssist, a static analysis tool that acts as an application security spellchecker for developers.

GitLab Inc. is an open-core company that operates GitLab, a DevOps software package that can develop, secure, and operate software. The open-source software project was created by Ukrainian developer Dmytriy Zaporozhets and Dutch developer Sytse Sijbrandij. In 2018, GitLab Inc. was considered to be the first partly-Ukrainian unicorn.

The following outline is provided as an overview of and topical guide to computer security:

Perforce Software, Inc. is an American developer of software used for developing and running applications, including version control software, web-based repository management, developer collaboration, application lifecycle management, web application servers, debugging tools and agile planning software.

<span class="mw-page-title-main">Katie Moussouris</span> American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

Code Dx, Inc. was an American software technology company active from 2015 to 2021. The company's flagship product, Code Dx, is a vulnerability management system that combines and correlates the results generated by a wide variety of static and dynamic testing tools. In 2021, the company was acquired by Synopsys.

References

  1. "Inc. Magazine Unveils Its Annual Exclusive List of America's Fastest-Growing Private Companies - the Inc.500|5000". CORE Security. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  2. "HelpSystems Picks Up SecureAuth's Core Security Portfolio". Channelnomics. 7 February 2019. Archived from the original on 11 December 2019. Retrieved 20 March 2019.
  3. "Technologies announces first comprehensive penetration testing tool". CORE Security. 2002-03-04. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  4. "Technologies Appoints New CEO & Relocates Corporate Headquarters to Boston". CORE Security. 2003-05-30. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  5. "Tripwire, Inc – IT Security Software to improve data security and regulatory compliance". Ncircle.com. Archived from the original on 2013-06-06. Retrieved 2014-02-21.
  6. "Core Security & NT OBJECTives Partner to Deliver First-of-its-Kind Comprehensive View of Web Application Security Posture". CORE Security. 2012-04-18. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  7. "Named to the 2013 Inc. 500/5000 List". CORE Security. 2013-08-21. Archived from the original on 2014-07-19. Retrieved 2014-07-15.
  8. Conferencia Internacional LALICS 2013 p.8
  9. Core Security. "Core Security Press Releases Archived 2014-08-26 at the Wayback Machine ." January 30, 2014. July 29, 2014.
  10. "Prioritizing vulnerabilities to close gaps where it matters". net-security.org. 7 August 2014. Retrieved 2014-08-07.
  11. "Wins 2014 Readers' Choice Award for Excellence in Vulnerability Management". CORE Security. 2014-11-25. Archived from the original on 2015-04-13. Retrieved 2015-01-12.
  12. "Courion Acquires Attack Intelligence Solutions Provider Core Security". Courion. 2015-12-09. Archived from the original on 2016-05-12. Retrieved 2016-06-01.
  13. "Courion has Rebranded as the New Core Security". Core Security. 2016-05-25. Archived from the original on 2016-09-25. Retrieved 2016-06-01.
  14. "Atlanta's Damballa sold for nearly $9 million - Atlanta Business Chronicle" . Retrieved 30 September 2016.
  15. "SecureAuth Acquired for $225 Million, to Merge With Core Security - SecurityWeek". 22 September 2017. Retrieved 19 April 2019.
  16. "HelpSystems Picks Up SecureAuth's Core Security Portfolio". Channelnomics. Archived from the original on 2019-12-11. Retrieved 2019-03-20.
  17. "Core Advisories". CORE Security. Retrieved 2014-02-21.
  18. Gregg Keizer (2010-05-06). "Security firm reveals Microsoft's 'silent' patches". Computerworld. Retrieved 2014-02-21.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.