Like many things, the Core Impact pricing started off simple, and then “evolved” over the years into the rather complex beast that it is now. This evolution was driven by the needs of two different types of customer: large corporates with in-house pen-test / red teams, and security consultancies.
Both of these customer profiles have unique needs, which are [hopefully] catered for in the pricing model.
Everything in Core Impact (including the pricing) is based around a workspace, so we need to start by defining what a workspace is.
What’s A Workspace?
All versions of the product come with an unlimited number of Workspaces. A workspace is a way of bringing work together. This could be a group of machines, a customer project, or any other grouping that makes sense to the tester.
Even if it were possible, you would not want to have 10,000 machines in a single Workspace; it would be just too cumbersome to manage. Workspaces provide a way to narrow focus onto what matters at that point in time, so a single Workspace is typically a project or a customer engagement.
All the reporting is done at the Workspace level, as are several other product features like the re-test.
Behind the scenes each Workspace is a database. Impact provides tools for managing these Workspaces, so that you can archive and restore them.
The reality is, if you tested a group of machines now, and need to do the same again in 6 months, then you would use a new Workspace. Things will have changed in the interim.
What if my workspaces are restricted to “N” IP addresses?
Most of the Core Impact license models restrict the number of IP addresses within a Workspace to a given number. It is worth understanding the implication of this …
One of the first steps of a pen-test is usually to scan the network and see what is there. Core Impact can do this for you (it uses NMAP behind the scenes) or you can load data from a previous scan; often Nessus Pro, a manually configured NMAP, or one of lots of other supported tools.
If you have a maximum Workspace size of say 256 IPs, then the loading of hosts will stop at 256.
If you had 500 hosts then you could split your machines into groups of less than 256, say “all the web servers” and “all the DB servers”, or by operating system. The choice is yours.
The implication of this is that you will get multiple reports (one per workspace). This may even make business sense as the reports would naturally go to different owners.
You could always purchase a license with a bigger Workspace size; Core have a very sensible policy here that recognises the value of your existing investment.
It is possible to test a 10,000 IP network with an 8 IP license. It would just take a very long time because you would need to do so 8 IPs at a time.
Concurrent users vs named users
A Core Impact license can usually be moved around between different members of a team. You can install the software in many places at once, and then move around an authorisation token between those machines. This allows a team to share a license as a common resource, moving it to projects where it offers the highest value.
Moving a license takes about 60 seconds (short demo here: https://youtu.be/dgVvC0A1x3k) and basically makes a Core Impact license a Concurrent user license.
Concurrent users have a maximum Workspace size.
As part of the Core Impact Pricing model there is the option of a “Named User” license. This only comes in the unlimited IPs variant, but it is tied to a given machine / person. Rather than an unlimited number of moves between machines, you can only move the license a few times per year (to allow for hardware failures, team changes etc).
The cost of a “Named User” is somewhere between the 128 IP and the 256 IP license.
The difference between subscription and perpetual
Impact offers two license models, perpetual and subscription; the latter being the simpler.
With a Subscription license you purchase the right to use the software for a 12 month period.
At the end of that period the software stops working. If you want to continue to use the software, then you spend about the same fee again for another 12 month period.
The Perpetual license has a higher up-front cost and a lower year 2+ cost. When comparing Perpetual to Subscription, the break-even point is about 2.5 years. If you want the software for less than 2.5 years then Subscription is cheaper; if longer, then consider Perpetual.
The decision tree
The following helps take you through the decision process of working out what is the cheapest for you. The Subscription vs Perpetual decision is completely separate from the Named vs Concurrent decision so we have this as 2 sections.
Subscription vs Perpetual
How long do you want the software?
- 1 or 2 years = Subscription
- 3 or more years = Perpetual
- Not sure = Start with Subscription, you can always pick Perpetual later
Named user vs Concurrent
This is a more complex decision, based on number of people in the team and how many IPs you need. The following flow chart should take you through the process.
So what’s the price of Core Impact?
The Core Impact pricing starts at around US$ 10,000 for a 1 year subscription of the 8 IP license, and goes up from there. The 8 IP license may be too restrictive for your needs, so you may need to consider one of the larger ones. The options are 8 IP, 64 IP, 128 IP, 256 IP, 512 IP and unlimited IP.
As a re-seller we have pricing available in USD, EUR and GBP.