Fortra

Fortra (formerly HelpSystems) offers a comprehensive cybersecurity portfolio, from infrastructure protection and data security to managed security services, that is unrivaled in the industry. Specifically with the Offensive Security Bundles, consisting of Core Impact, Fortra VM, Cobalt Strike and Outflank Security Tooling (OST), a proactive security portfolio can be put together that best suits your organization's requirements and security posture.

Core Impact

Core Impact is one of the leading solutions for extensive automation of penetration tests. Systems can be scanned and certified, tested exploits automatically executed against identified vulnerabilities. Core Impact's Rapid Penetration Tests (RPTs) are easy-to-use automations that automate time-consuming and repetitive tasks. Comprehensive reporting capabilities can be used to document all results according to compliance requirements. Core Impact provides Red Teams and penetration testers with the tools available to real attackers.

Core Impact is part of the Essentials, Advanced, Elite and Advanced Red Team Bundles.

Fortra VM

Fortra Vulnerability Management is more than just a network vulnerability scanner or vulnerability assessment.It is a proactive, risk-based vulnerability and threat management solution that is a critical component of any cyber risk management program.Its robust capabilities set it apart from other VM solutions, providing critical security information in a centralized, easy-to-understand format so you can efficiently and effectively protect your mission-critical assets.

Fortra VM is part of the Essentials and Elite bundles.

Fortra VM Functionality

Threat Landscape combines real-world threat activity and industry-standard severity levels with machine learning to assess threats and vulnerabilities and determine your risk appetite.

With Network Map, you can leverage Fortra's patented scanning and host correlation technologies to visualize your network's security posture with the click of a button.

A dynamically generated Security GPA Score provides an easy-to-understand assessment of your organization's security strength.As improvements are made, this score improves, making it easier to monitor remediation efforts.

Cobalt Strike

Cobalt Strike is one of the leading tools for supporting Red Teams in the context of a penetration test. With its flexible post-exploitation agents and covert communication channels, attacks can be realistically simulated and existing countermeasures effectively tested. Cobalt Strike is so well suited to emulating the attack tactics and techniques of an attacker with a long-term interest that it is often used by real attackers. With Malleable C2, Cobalt Strike also offers the possibility of modifying components for each attack in such a way that they can hardly be detected by virus scanners.

Cobalt Strike is part of the Advanced, Elite, Red Team and Advanced Red Team bundles.

Outflank Security Tooling (OST)

Outflank Security Tooling (OST) is a set of specialized Red Teaming tools designed to simulate today's cyberattacks and current APT techniques while evading defensive and detection tools. OST is designed to extend the reach of Cobalt Strike and increase the efficiency of Red Teams. OST allows you to increase efficiency without increasing your headcount. By utilizing an external toolkit developed and tested by red teaming experts, even small teams can easily and safely conduct top-to-bottom engagements.

Outflank is part of the Red Team and Advanced Red Team bundles.

OST Components

Outflank Security Tooling includes the following tools among others:

  • KerberosAsk - Perform Kerberos actions from a Beacon Object File (BOF) using a custom ASN.1 decoding implementation
  • Payload Generator - Create advanced payloads to bypass antivirus detection using forensic functions
  • HiddenDesktop - Covertly interact with a target's desktop, including fat client applications, without compromising the user experience
  • Fake Ransom - Simulate a real ransomware attack with a ransom note that takes over the screen and displays file lists on the target computer
  • Lateral Pack - For lateral movement in the infrastructure with special techniques to stay under the radar
  • Language Panda - Changing the language forensics within a document to make it look like it was created with an Office installation from another country

Your Benefit

  • Scanning environments to identify vulnerabilities that can be exploited by attackers
  • Using the same techniques as attackers to exploit vulnerabilities
  • Prioritizing vulnerabilities based on the effectiveness of the tests used to exploit them
  • Targeted attack simulations
  • Can help train blue teams and conduct exercises for purple teams
  • Core Impact automates advanced testing for efficient detection, testing and reporting
  • Cobalt Strike provides a flexible post-exploitation framework that can emulate embedded attackers
  • OST provides a broad red teaming toolset with tools for every part of the attack kill chain

Our Service

We advise and support you with the introduction of Fortra Offensive Security Software. We advise you on the implementation of an internal penetration test program. We help you to implement effective vulnerability management.

Simply make an appointment with us.