Rapid7 Labs Launches Project Sonar, Shares Extensive Research Data and Urges Security Professionals to #ScanAllTheThings
Community Open Data Initiative Launched During DerbyCon Keynote to Foster Greater Security Understanding and Collaboration
Boston, MA – September 30, 2013 - HD Moore, chief research officer at Rapid7, has called for all security professionals to collaborate on security data research and analysis to create greater awareness and understanding of security issues and their implications. To facilitate this, Rapid7 Labs, led by Moore, has launched Project Sonar, offering free tools and terabytes of data from its own research efforts. HD launched the initiative during his keynote address at DerbyCon 3.0, in which he advocated internet-wide analysis as a practical tool for security practitioners to meaningfully improve their network security.
"Security issues are rife across the internet and the situation is getting worse, not better. The security community needs to start sharing data and working together so we can identify and tackle the huge issues confronting us," said HD. "This isn't just work for researchers - all security professionals can be their own researcher and 'scan all the things!' or contribute to shared analysis. We're trying to make this easy for the average IT guy to help them understand the value of the data they have."
To facilitate this collaborative approach, Rapid7 Labs has created and highlighted a number of free tools for scanning and analysis, including ZMap, Nmap, SSL certificate grabbers, DNS reverse lookup scanning and more. These are all available at the Project Sonar community page in SecurityStreet. The site provides a place for security professionals to share data and findings, discuss potential approaches, highlight analysis and implications and suggest remediation options.
Terabytes of data from past internet scanning research is also available for browsing and analysis, for example findings from the year-long Critical.IO scanning project conducted by Moore and Rapid7 Labs. Critical.IO highlighted a number of pervasive security issues, including vulnerabilities in UPnP, IPMI and serial port servers. The value of these kinds of scans in highlighting widespread insecurity across the internet is also apparent in a number of similar initiatives, such as the Internet Census 2012, SHODAN, and most recently the University of Michigan's ZMap report.
While the value of these findings is undisputed, the investigation has traditionally been considered the territory of dedicated research teams, such as Rapid7 Labs and the ZMap team from the University of Michigan. Rapid7 believes that this approach will not be effective in making the internet more secure without increased collaboration with the wider security community.
Rapid7's IT security solutions deliver visibility and insight that help you make informed decisions, create credible action plans, and monitor progress. They simplify risk management by uniquely combining contextual threat analysis with fast, comprehensive data collection across your users, assets, services and networks, whether on premise, mobile or cloud-based. Rapid7's simple and innovative solutions are used by more than 2,500 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by more than 200,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner and SC Magazine. For more information about Rapid7, please visit http://www.rapid7.com.