nCircle and Core Security Technologies Advance Integration and Address CAG Requirements

Share Article

Expanded Integration Empowers Government and Commercial Organizations to Meet Emerging Security Standards and Improve Vulnerability Management.

“We are pleased to work with market leader, Core Security to deliver even more complete coverage of the Consensus Audit Guidelines,” said Karl Hutter, nCircle. “This is a proactive set of guidelines for both government and commercial organizations."

nCircle, the leader in security and compliance auditing solutions, today announced that it has expanded its relationship with Core Security Technologies, the provider of the CORE IMPACT family of comprehensive enterprise security testing solutions, broadening integration between the two companies’ highly complementary security assessment solutions.

By leveraging fully-supported integration between CORE IMPACT Pro, the market’s leading automated penetration testing software solution, and the nCircle IP360 network vulnerability management system, commercial organizations can streamline their vulnerability management processes to more quickly and cost effectively validate critical vulnerabilities that are immediately exploitable on their networks.

For government agencies and commercial businesses that support such organizations, use of the two products in concert allows for compliance with specific controls within 18 of the 20 Requirements laid out in the recently introduced Consensus Audit Guidelines (CAG), including the ability to fully meet many of the security mandates.

Developed by a consortium of public and private security leaders and first published by training specialists SANS Institute in Feb. 2009, CAG Requirements specifically cite the need for cyber-security controls that are tacitly proactive and can “inform defense” of actual attacks that have compromised systems, or those that could transpire to do so.

By feeding the results of vulnerability assessments run using nCircle IP360 directly into IMPACT Pro, IT security teams within government agencies and commercial organizations can pinpoint the exploitability and severity of vulnerabilities in direct relation to real-world malware and hacking techniques to understand precisely which results represent their more significant points of risk.

The combination of vulnerability scanning and automated penetration testing is recognized among IT security practitioners as a best practice for finding and assessing networking systems flaws and configuration errors. Through this process, organizations can improve their overall vulnerability management processes and dramatically reduce the cost of remediation, while reducing the risk of potential attacks and related loss of sensitive electronic data.

“We’re proud to announce that we’ve reinforced this strategic relationship between two of the most respected products on the vulnerability assessment and penetration testing landscape today,” said Mark Hatton, CEO of Core Security. “Organizations continue to rapidly advance their security testing and measurement initiatives, and direct integration between these complementary solutions will help government customers and commercial organizations better understand their exposure to attacks and data theft, in an a highly productive fashion.”

“We are pleased to work with market leader, Core Security to deliver even more complete coverage of the Consensus Audit Guidelines,” said Karl Hutter, SVP Corporate Development, nCircle. “This is a comprehensive and proactive set of guidelines that can make both government and commercial organizations more effective.”

About nCircle
nCircle is the leading provider of automated security and compliance auditing solutions. More than 4,500 enterprises, government agencies and service providers around the world rely on nCircle’s proactive solutions to manage and reduce security risk and achieve compliance on their networks. nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. Additional information about nCircle is available at

About Core Security Technologies
Core Security Technologies provides IT security executives with comprehensive security testing and measurement of their IT assets by adding real-world actionable intelligence and verification to their IT security management efforts. Our software products build on over a decade of trusted research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at 617-399-6980 or on the Web at:


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Elizabeth Ireland
Email >

Shelley Boose
Shev Rush PR
Email >
Visit website