Rapid7 Labs Launches Project Sonar, Shares Extensive Research Data and Urges Security Professionals to #ScanAllTheThings
Community Open Data Initiative Launched During DerbyCon Keynote to Foster Greater Security Understanding and Collaboration
Boston, MA – September 30, 2013 - HD Moore, chief research officer at Rapid7, has called for all security professionals to collaborate on security data research and analysis to create greater awareness and understanding of security issues and their implications. To facilitate this, Rapid7 Labs, led by Moore, has launched Project Sonar, offering free tools and terabytes of data from its own research efforts. HD launched the initiative during his keynote address at DerbyCon 3.0, in which he advocated internet-wide analysis as a practical tool for security practitioners to meaningfully improve their network security.
"Security issues are rife across the internet and the situation is getting worse, not better. The security community needs to start sharing data and working together so we can identify and tackle the huge issues confronting us," said HD. "This isn't just work for researchers - all security professionals can be their own researcher and 'scan all the things!' or contribute to shared analysis. We're trying to make this easy for the average IT guy to help them understand the value of the data they have."
To facilitate this collaborative approach, Rapid7 Labs has created and highlighted a number of free tools for scanning and analysis, including ZMap, Nmap, SSL certificate grabbers, DNS reverse lookup scanning and more. These are all available at the Project Sonar community page in SecurityStreet. The site provides a place for security professionals to share data and findings, discuss potential approaches, highlight analysis and implications and suggest remediation options.
Terabytes of data from past internet scanning research are also available for browsing and analysis, including findings from the year-long Critical.IO scanning project conducted by Moore and Rapid7 Labs. Critical.IO highlighted a number of pervasive security issues, including vulnerabilities in UPnP, IPMI and serial port servers. The value of these kinds of scans in highlighting widespread insecurity across the internet is also apparent in a number of similar initiatives, such as the Internet Census 2012, SHODAN, and most recently the University of Michigan's ZMap report.
While the value of these findings is undisputed, the investigation has traditionally been considered the territory of dedicated research teams, such as Rapid7 Labs and the ZMap team from the University of Michigan. Rapid7 believes that this approach will not be effective in making the internet more secure without increased collaboration with the wider security community.
Rapid7's IT security data and analytics solutions collect, contextualize and analyze the security data you need to fight an increasingly deceptive and pervasive adversary. Unlike traditional vulnerability assessment or incident management, Rapid7 solutions uniquely provide insight into the security state of your assets and users across virtual, mobile, private and public cloud networks. They enable you to fully manage your risk, simplify compliance, and identify, investigate and stop threats faster. Our threat intelligence, informed by members of the Metasploit open source community and the industry-leading Rapid7 Labs, provides relevant context, real-time updates and prioritized risk. Our solutions are used by more than 25% of the Fortune 1000 and nearly 3,000 enterprise, government and small business organizations across 78 countries. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.