Posts by Gavin Schneider

3 min InsightVM

New Container Security Assessment Features Added to InsightVM

We are excited to release two new features to improve the flexibility of our container assessment capabilities: our new Container Registry Sync App and Container Image Scanner for InsightVM.

2 min Nexpose

More TLS Improvements in Nexpose 6.1.2

After releasing TLS Coverage Improvements in Nexpose 6.0.2 [/2015/10/14/tls-coverage-improvements-in-nexpose-602], we figured that the Nexpose Security Console should be able to abide by our own suggestions. Last year we had already disabled SSLv3 support by default and allowed configuring which other protocols are enabled on the console as well. With this week's release we're limiting the TLS cipher suites available to the console's web server by default. Similar to the protocols, the cipher suit

2 min Nexpose

Nexpose Gem 1.0 Released

As of April 8th, 2015, version 1.0 of the Nexpose gem (nexpose-client) is available. Big Numbers Mean Big Changes: Nexpose 5.13 brings new API 2.1 features, and following on that, the 1.0 version of the Nexpose gem uses these new features. Because of this, the new version of the gem includes some changes that are not backwards compatible with older versions of the gem or Nexpose. A migration guide is available to h

3 min

TLS/SSL Scanning Enhancements in Nexpose 5.12

The Nexpose 5.12 release included many enhancements, which you can read about in the Nexpose release notes - January 2015. In this blog post I'll focus on the changes made to TLS/SSL scanning in particular. Custom Root Certificate Authority Certificates: First I'd like to go over the new feature that allows you to import your internal root CA certificates to Nexpose. For internal scans where your systems are likely to use a corporate certificate authori

2 min Nexpose

Nexpose API: SiteSaveRequest and IP Addresses vs Host Names

With the release of Nexpose 5.11.1 we made some changes under the hood that improved scan performance and scan integration performance. As a result of those changes, the rules applied to using SiteSaveRequest in API 1.1 became stricter, which may have caused issues for some users. In the past this "worked" for the most part, though there were certainly side effects observable in the Web interface after the fact. Since these issues were not a