Incident Response Services
Penetration Testing Services
IoT Security Services
Training & Certification
Managed Vulnerability Management
Managed Application Security
Managed Detection & Response
Find a Partner
Rapid7 Insight is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.
Insight Platform Overview Try Now
User Behavior Analytics & SIEM
Orchestration & Automation
Need a hand with your security program? From planning and strategy to full service support, our experts have you covered.
Need immediate help with a breach?
HD Moore, chief research officer at Rapid7, has called for all security professionals to collaborate on security data research and analysis to create greater awareness and understanding of security issues and their implications. To facilitate this, Rapid7 Labs, led by Moore, has launched Project Sonar, offering free tools and terabytes of data from its own research efforts. HD launched the initiative during his keynote address at DerbyCon 3.0, in which he advocated internet-wide analysis as a practical tool for security practitioners to meaningfully improve their network security.
"Security issues are rife across the internet and the situation is getting worse, not better. The security community needs to start sharing data and working together so we can identify and tackle the huge issues confronting us," said HD. "This isn't just work for researchers - all security professionals can be their own researcher and 'scan all the things!' or contribute to shared analysis. We're trying to make this easy for the average IT guy to help them understand the value of the data they have."
To facilitate this collaborative approach, Rapid7 Labs has created and highlighted a number of free tools for scanning and analysis, including ZMap, Nmap, SSL certificate grabbers, DNS reverse lookup scanning and more. These are all available at the Project Sonar community page in SecurityStreet. The site provides a place for security professionals to share data and findings, discuss potential approaches, highlight analysis and implications and suggest remediation options.
Terabytes of data from past internet scanning research is also available for browsing and analysis, for example findings from the year-long Critical.IO scanning project conducted by Moore and Rapid7 Labs. Critical.IO highlighted a number of pervasive security issues, including vulnerabilities in UPnP, IPMI and serial port servers. The value of these kinds of scans in highlighting widespread insecurity across the internet is also apparent in a number of similar initiatives, such as the Internet Census 2012, SHODAN, and most recently the University of Michigan's ZMap report.
While the value of these findings is undisputed, the investigation has traditionally been considered the territory of dedicated research teams, such as Rapid7 Labs and the ZMap team from the University of Michigan. Rapid7 believes that this approach will not be effective in making the internet more secure without increased collaboration with the wider security community.
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.