What I love most about CIE is that at the end of the day, the automation is complete and concise. All the way from asset discovery on down, you get pretty next generation from a product that's a couple of years old. I also love how detailed and clear the finished reports are. Far too often, software that runs these kinds of tests/checks often have scattered results on the back end, but not Core Insight. Even with a slightly pricey intro cost, it is well worth it. At the end of the day, this is still the best service for those who use anything manual for their pen tasting capabilities. The fact that it is manual takes so much of the guesswork out of the product to the point that I can evaluate certain people when they are testing scripts.
What do you dislike?
A lack of third party integration when working with alternate means to use the services. I honestly think it's a mild issue on the whole as much of the work done on the enterprise level is intraconnected.
Recommendations to others considering the product
Compare and contrast based on need/company size, but ultimately, this is my top pick in the group.
What business problems are you solving with the product? What benefits have you realized?
Internal vulnerability management, specifically when searching for attack paths, probable exploits and other things that an attacker attempting to breach an enterprise. The biggest benefit to this has been ability to mirror potential exploits much as a potential attacker would perform them.Of particular interest to us is the exploit database. While it is true that this replicates the exploits available on Core tools, it also is an excellent reference.
* We monitor all Core Insight Enterprise reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.