3 min
Log Management
Nexpose Logging Analytics using LogEntries
This blog shows how to use the power of LogEntries [https://logentries.com/]
Search and Analytics to monitor your Nexpose installation. LogEntries has joined
[/2015/10/13/why-we-re-welcoming-logentries-to-the-rapid7-family-a-story-of-data-and-analytics]
the Rapid7 family and offers several powerful capabilities to search, analyze,
monitor and alert on your Nexpose installation. LogEntries is also super easy to
set up and maintain. I spent about five minutes getting it running. The Nexpose
engi
2 min
Nexpose
Assessing risk using Security Intelligence
Robert Lemos wrote an interesting article
[http://www.darkreading.com/vulnerability/vulnerability-severity-scores-make-for-b/240157339]
about how CVSS alone does not necessarily give you enough information for
effective remediation prioritization. Adding context about which vulnerabilities
are being exploited easily using known exploits provides a much better way of
determining whether or not a given asset is at risk from a real attack. Quoting
the research completed by Luca Allodi and Fabio Ma
3 min
Nexpose
Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability
For those of you that don't know me, I head up the Nexpose engineering team, and
we are excited to introduce the latest release, Nexpose 5.5. This release
focuses on meeting three big needs that we've heard about from our customers.
The first is configuration assessment. This is a big deal for organizations that
are subject to regulatory or internal standards that require confirmation of
specific configurations of IT assets, such as USGCB 2.0. For those
organizations, proving compliance is pain
2 min
How to find latest IE vulnerability (CVE-2012-4969) with Nexpose
As you probably know, Microsoft released advisory 2757760 (Microsoft Security
Advisory (2757760): Vulnerability in Internet Explorer Could Allow Remote Code
Execution [http://technet.microsoft.com/en-us/security/advisory/2757760]) which
describes a Remote Code Execution vulnerability in Internet Explorer 7, 8, and
9. This was assigned to CVE-2012-4969
[http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4969] and Microsoft
released a Security Update patch on September 21st, 2012 (Microsof
2 min
Migrate Nexpose to a newer platform
With Nexpose 5.1, you can now create platform-independent backups in order to
migrate your installation to newer hardware or different supported OSes. For
those of you on 32-bit platforms looking to migate to more modern hardware, look
no further. Here is how you do it:
1. Navigate to the Nexpose Administration->Maintenance view and select the
"Backup/Restore" tab. Check the "Platform-Independent" checkbox, provide a
description and click "Start backup":
2. As long as there are no reports or