Fortra has repositioned its portfolio to advance its package of “offensive security solutions,” the company announced.Fortra is a provider of vulnerability management, penetration testing, and red teaming software and services. The Minneapolis-based company's offerings include Frontline Vulnerability Manager (VM), Core Impact penetration testing software, Cobalt Strike adversary simulation software, and Outflank Security Tooling.The solutions are now interoperable, providing data centralization, information sharing, reduced console fatigue, accelerated time-to-remediation, and other benefits, according to the company. In concert, the solutions apply the same techniques used by threat actors to identify and exploit gaps in an organizations’ security. That enables customers to find and fix weaknesses in their security posture before they are exploited, officials said.Mark Bell, Fortra managing director of infrastructure protection, explained the company’s “offensive security” approach:“Proactively seeking out your own security weaknesses has become essential to stay ahead and reduce risks. Like the old saying goes, ‘to catch a criminal, you must think like a criminal,’ and that is exactly what an offensive security approach does—before customers are exploited.”
Fortra Security Five Ways
Fortra’s offensive security offerings come in five configurations: (per Fortra)- Essentials combines Fortra's Frontline VM with its penetration testing platform, Core Impact, to scan, evaluate and prioritize security vulnerabilities and remediation efforts throughout an organization’s network.
- Advanced combines Fortra's penetration testing and adversary simulation software solutions, Core Impact and Cobalt Strike, to provide a view of vulnerabilities through advanced ransomware and phishing simulations and comprehensive reporting, while also giving teams the ability to collaborate in real time.
- Elite combines Frontline VM, Core Impact, and Cobalt Strike, allowing customers to evaluate security, identify vulnerabilities and proactively reduce risk. These combined vulnerability management, penetration testing, and adversary simulation tools run at the same time and are interoperable, streamlining the process to identify, analyze and prioritize vulnerabilities.
- Red Team is built to integrate seamlessly into Cobalt Strike's flexible command and control framework, Outflank Security Tooling extends a company’s red teaming capabilities. Together, these tools can deploy more sophisticated adversary simulation and assess overall security posture and vulnerability.
- Advanced Red Team combines Core Impact, Cobalt Strike and Outflank Security Tooling to evaluate security gaps, defenses and security strategies using the same tactics as today's threat actors. Together, these solutions provide a holistic security testing methodology for advanced red teamers.
