CMIT-321-Executive-Proposal

2703830-252730Executive Proposal

00Executive Proposal

2703830-9525Assignment#01

Student Registration #

00Assignment#01

Student Registration #

327660043815000centercenter9500095000

327660043815000centercenter9500095000

2447925262255Security Testing Software for ADVANCED RESEARCH

00Security Testing Software for ADVANCED RESEARCH

280035055880 Submitted By:

Date of Submission:

OCT. 4, 2014

00 Submitted By:

Date of Submission:

OCT. 4, 2014

Executive Summary

Security testing software is a very important entity for many organizations as it provides security to a company’s network by identifying and testing vulnerabilities before potential hackers can exploit them. Advanced Research has been the victim of cybercriminal efforts to take intellectual assets and sell it to their competitors. It is assumed that our network of corporate documents has been infiltrated by illegal sources more than once.

The following is a plan for implementation and purchase of the CORE IMPACT pro for the protection of Advanced Research. The software product, IMPACT pro, is used internally to test the security of web applications, our network system, wireless networks, endpoints, and also many emailed based social attacks of engineering.

In short, IMPACT pro addresses penetrations by testing essential components to the infrastructure. The software also works to identify vulnerabilities and assess weak points in nearly all organizations networks that deal with cybercrime landscape, the production of layered security items. IMPACT pro also intermingles with the rising demand for the tangible metrics which are used to measure the development in security programs and to share these results with business management and IT.

All these factors have motivated the extensive adoption of comprehensive vulnerability management technologies by many companies. IMPACT pro uses advanced scanning systems and defensive tools which interact with individual dangers to deliver lists of potential weak aspects, or Security Management Systems that make use of algorithms in order to calculate theoretical threats. IMPACT pro’s capability to put on a wide array of real world threat situations allows organizations to test their networking assets and IT. Once a network has been compromised, any and all devices connected to such network have the potential to be compromised as well (Murphy, 2013). In short, IMPACT pro will assist Advanced Research in order to evaluate its most significant compliance-related and security risks.

The Requirement:

The main objective is to prevent access to the intellectual property of Advanced Research Corporation, available through our company’s network, from cybercriminals. Advanced Research is still a fairly young company and because of this, management has been hesitant to budget for expensive security projects in the past, which has resulted in the loss of millions of dollars in the form of research data stolen from its corporate network by cyber thieves. Due to continued potential loss, there is a need to purchase the necessary testing software. After much research, I have found CORE IMPACT pro to be the best solution for Advanced Research. Core Impact is rapidly becoming the standard in vulnerability scanning and penetration testing. This top of the line software features various penetration tests, including remote host-based and network-based, as well as web-based penetration tests, and Wi-Fi network (Stephenson, 2013).

The Proposed Solution:

CORE IMPACT Overview:

Core IMPACT pro will enable Advanced Research to complete independent, proactive penetration analysis on our applications, systems and end uses. It will allow us to replicate malware, data theft techniques, and real world hacking while gaining actionable material that will assist us in finding and fixing our most pressing security weaknesses. After using this product, we can determine the way our awareness policies and defensive security measures detect, react and prevent future attacks.

IMPACT pro will enable us to test:

Critical OS facilities and desktop and server operating systems.

IPS, IDS, network security solutions and firewalls.

End point security solutions such as anti-malware, anti-phishing, antivirus, prevention systems and host based intrusion.

End point applications such as web browser, instant messaging, email readers, business application. Media players and productivity tools.

End user awareness of spam, phishing and social engineering.

Core Impact Pro

The Benefits of IMPACT Pro:

The reasons for recommending Impact Pro, in order to satisfy the security requirements of our organization, are mentioned below:

It can be used efficiently by current internal staff:

We can use this product with our existing skill sets and staff. Its training requirements are slight, provided by the vendor, and easy to implement. It will also allow us to assess our security status as we upgrade, add and update endpoints, web applications, servers and other IT assets on regular basis.

Product stability, quality and security of network:

IMPACT Pro is a commercial-grade security testing software. It tests security against malware, hacking and data crack attempts using that same techniques that the cyber criminals apply. However, this software ensures a network is secure and safe without putting stability of networks, applications or endpoints at risk.

Enabling repeatable and consistent security testing:

IMPACT Pro allows a user to schedule endpoint and network penetration testing and vulnerability validation. This ensures reliability of testing programs by allowing more organized approach to an assessment with strong metrics in order to measure improvement over time.

Testing of web applications and heterogeneous infrastructure:

IMPACT Pro is the only commercial-grade programmed web applications testing software in market. It allows the user to verify both proprietary and commercial web applications that are secure against threats that search for SQL injection, Cross-site scripting, and PHP file insertion vulnerabilities. It can also help to identify weaknesses across many operating system platforms, service packs and versions existing on systems throughout network.

Constant updates for testing against latest attack trends:

A combination of continuing technology acceptance, increasing connectivity, persistent cyber criminals and modification means that security landscape is continually evolving. Core Security also offers regular updates that check for newly exposed vulnerabilities in services, operating systems, wireless networks, end-user applications, web applications and other different possible points of exposure.

How IMPACT Pro varies from other Vulnerability Scanners:

IMPACT Pro conducts continuing research into malware attacks and cutting-edge vulnerabilities, allowing companies to keep its software up-to-date with timely and new testing competences 20 to 30 times per month. Unlike many testing tools that only report potential vulnerabilities for analysis, CORE Pro allows to test present security position across majority of IT infrastructure in order to find real exposures that can be threats to operations.

The software solutions of CORE serve as self-regulating form of dynamic self-assessment. This self-regulating system allows companies to authenticate the efficiency of various security points and determine whether or not they are working correctly and protecting the company. Specific competencies of CORE Pro comprise the capability to test for different types of vulnerabilities across:

Network Systems

Endpoints

Web Applications

Email Users

Wireless Networks

By doing practical testing across all of the aforementioned access points we, as an organization, can separate failure points in our security structure and report these problems rapidly. Advanced Research can also obtain the ability to evaluate efficiency and ROI (Return On Investment) of broadly deployed layered security tools like firewall, anti-virus, data leakage protection, authentication, IDS/IPS, security management systems and compliance on a continuing basis to measure the value of systems and validate past and future spending plans.

Product Cost:

Price of IMPACT Pro starts $30,000/year. The product payment includes:

Software License

All upgrades related to version

Systematic Product Updates

Training.

Customer Support

Reference:

F, B. (2013, July 30). Network Penetration Testing and Research. Retrieved September 30, 2014, from http://ntrs.nasa.gov/search.jsp?R=20140002617

Penetration Testing with Core Impact Pro (Attack Intelligence, Vulnerability Prioritization & Consolidation) Retrieved September 30, 2014, from: http://www.coresecurity.com/core-impact-pro

Replicate Real-World Attacks and Reveal Critical Security Exposures. (2012, January 1). Retrieved September 30, 2014, from http://www.coresecurity.com/files/ attachments/CORE_Pro_product_overview.pdf

Stephenson, P. (2013, February 1). Core Impact Professional. Retrieved September 30, 2014, from http://www.scmagazine.com/core-impact-professional/review/3791/