Posts by Eric Reiners

3 min Log Management

Nexpose Logging Analytics using LogEntries

This blog shows how to use the power of LogEntries [] Search and Analytics to monitor your Nexpose installation. LogEntries has joined [/2015/10/13/why-we-re-welcoming-logentries-to-the-rapid7-family-a-story-of-data-and-analytics] the Rapid7 family and offers several powerful capabilities to search, analyze, monitor and alert on your Nexpose installation. LogEntries is also super easy to set up and maintain. I spent about five minutes getting it running. The Nexpose engi

2 min Nexpose

Assessing risk using Security Intelligence

Robert Lemos wrote an interesting article [] about how CVSS alone does not necessarily give you enough information for effective remediation prioritization. Adding context about which vulnerabilities are being exploited easily using known exploits provides a much better way of determining whether or not a given asset is at risk from a real attack. Quoting the research completed by Luca Allodi and Fabio Ma

3 min Nexpose

Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability

For those of you that don't know me, I head up the Nexpose engineering team, and we are excited to introduce the latest release, Nexpose 5.5. This release focuses on meeting three big needs that we've heard about from our customers. The first is configuration assessment. This is a big deal for organizations that are subject to regulatory or internal standards that require confirmation of specific configurations of IT assets, such as USGCB 2.0. For those organizations, proving compliance is pain

2 min

How to find latest IE vulnerability (CVE-2012-4969) with Nexpose

As you probably know, Microsoft released advisory 2757760 (Microsoft Security Advisory (2757760): Vulnerability in Internet Explorer Could Allow Remote Code Execution []) which describes a Remote Code Execution vulnerability in Internet Explorer 7, 8, and 9. This was assigned to CVE-2012-4969 [] and Microsoft released a Security Update patch on September 21st, 2012 (Microsof

2 min

Migrate Nexpose to a newer platform

With Nexpose 5.1, you can now create platform-independent backups in order to migrate your installation to newer hardware or different supported OSes. For those of you on 32-bit platforms looking to migate to more modern hardware, look no further. Here is how you do it: 1. Navigate to the Nexpose Administration->Maintenance view and select the "Backup/Restore" tab. Check the "Platform-Independent" checkbox, provide a description and click "Start backup": 2. As long as there are no reports or