Posts by Alex Hin

1 min Vulnerability Disclosure

On the lookout for Intel AMT CVE-2017-5689

We've had some inquiries about checks for CVE-2017-5689, a vulnerability affecting Intel AMT devices. On May 5th, 2017, we released a potential vulnerability check that can help identify assets that may be vulnerable. We initially ran into issues with trying to determine the exact version of the firmware remotely, and so a potential check was released so that you would still be able to identify devices that may be impacted by this. We didn't stop there though. As part of yesterday's Nexpose rel

1 min Nexpose

New Policy Reports in Nexpose

With Nexpose, you can assess your network for secure configurations at the same time as vulnerabilities, giving you a unified view of your risk and compliance posture. The latest version of Nexpose focuses on making it easier to understand how well you're doing and the actions to take to improve overall compliance. Starting with Nexpose 6.2.0, users now have access to two brand new policy reports that help you take control of your compliance program and focus on what is important. The first r

2 min Nexpose

Why that CVSS score? HTTP TRACE vulnerability-your questions answered

Recently we saw that there were some questions on Twitter about the HTTP TRACE vulnerability check in Nexpose, specifically around the CVSS score.  Thank you @digininja [], @tautology0 [], and @raesene [] for raising this issue - we love to hear from our users and appreciate honest feedback on our solutions. Questions like these cause us to challenge our own assumptions and reasoning, which is always a healthy pr