Posts by Leo Varela

4 min Phishing

What You Can Learn from Our Successful Simulated Phishing Attack of 45 CEOs

I was recently invited to a cybersecurity event to raise awareness on phishing by simulating targeted campaigns against the CEO attendees. Here's how they fared.

3 min InsightPhishing

Rapid7 InsightPhishing (Beta): Unified phishing simulation, investigation, and analysis

Starting March 1, 2019, Rapid7 will no longer offer or support InsightPhishing, and the beta program will end. Click here [https://kb.help.rapid7.com/docs/insightphishing-end-of-program-announcement] for more information. Phishing attacks remain one of the top challenges for SecOps teams. Yes, we all nod when we see the stats that get thrown around, like the ones below. But we also know this because we’ve heard it directly from our customers. Rapid7 has a long tradition of creating products an

4 min Metasploit

EternalBlue: Metasploit Module for MS17-010

This week's release of Metasploit [https://www.rapid7.com/products/metasploit] includes a scanner and exploit module for the EternalBlue vulnerability, which made headlines a couple of weeks ago when hacking group, the Shadow Brokers, disclosed a trove of alleged NSA exploits [/2017/04/18/the-shadow-brokers-leaked-exploits-faq]. Included among them, EternalBlue, exploits MS17-010 [https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue], a Windows SMB vulnerability. This week

1 min Metasploit

Announcement: End-of-life Metasploit 32-bit versions

UPDATE: With the release of version 4.15 on July 19, 2017, commercial Metasploit 32-bit platforms (Metasploit Pro, Metasploit Express, and Metasploit Community) no longer receive future product or content updates. These platforms are now obsolete and are no longer supported. Rapid7 announced the end of life of Metasploit Pro 32-bit versions for both Windows and Linux operating systems on July 5th, 2017.  This announcement applies to all editions: Metasploit Pro, Metasploit Express and Metasploi

1 min Vulnerability Management

Further Control of Dynamic Connections with Adaptive Security

As we have reached out to customers for feedback on Adaptive Security use cases (see: Adaptive Security Overview [/2015/10/02/adaptive-security-overview] for details on this feature), we have found that many customers would like to control the outcome of the “New Asset discovered” trigger. They want to be able to not just kick a scan since they either have some restrictions as to when to scan, or they don't scan everything that comes out of DHCP (or other dynamic source of assets), for some netw

2 min

Adaptive Security Overview

In Nexpose 6, we are introducing Adaptive Security, a smarter way to automate actions taken based on security incidents as they occur in your environment. The ultimate goal is to give back to security teams the time spent configuring tools to respond to a threat and automating the tedious and repetitive tasks taken to understand changes in the asset inventory and the threat landscape. With Adaptive Security, you can create workflows called automated actions that respond to new and existing asse

2 min AWS

The real challenge behind asset inventory

As the IT landscape evolves, and as companies diversify the assets they bring to their networks - including on premise, cloud and personal assets - one of the biggest challenges becomes maintaining an accurate picture of which assets are present on your network. Furthermore, while the accurate picture is the end goal, the real challenge becomes optimizing the means to obtain and maintain that picture current. The traditional discovery paradigm of continuous discovery sweeps of your whole network

2 min

The Operational Report

There are several kinds of reports available in ControlsInsight. One that I want to bring your attention to is the operational report, a report that provides details to be consumed by your IT department. The operational report was born to bridge the gap between identifying security controls needed in your organization and implementing them. The WHY and HOW associated to the WHAT. It is one of the most important parts of the product because it is meant to drive action. It gives you the latest in

1 min API

APIs, the fastest and easiest way to get Nexpose integrated in your environment.

The Nexpose team have created some really cool integration points for Nexpose that you can use with your events and tools. Now to make it even simpler we have created a couple of blogs that will walk you through some integration scenarios which will guide you and give you a head start on how to create your very own integration! All these examples are simple enough to follow, and complex enough to be used as part of your unique environment's integration. Let us know if you found them helpful, ho

3 min Release Notes

Security Configuration assessment capabilities that meet your needs with Nexpose 5.4

A new great looking feature in our configuration assessment component has been added in Nexpose 5.4: the ability to customize policies to meet your unique contextual needs, i.e. are specific to your environment. You are now going to be able to copy a built-in policy, edit its configuration including the policy checks values to test your assets for compliance. This flexibility allows for custom, accurate and relevant configuration assessment. Configuration assessment is important to assess the r

4 min Release Notes

Configuration assessment and policy management in Nexpose 5.2

We love our policy Dashboards. They are new, hot, intuitive, robust and really useful. In our latest release of Nexpose, version 5.2, we've made two major enhancements to our configuration assessment capabilities: * A policy overview dashboard: To understand the current status of compliance of configurations delivering a summary of the policy itself.A policy rule dashboard: To provide further details for a particular rule and the current compliance status for that rule. What makes th

4 min Java

Java API client - How to augment it and share with the community

The prerequisite is that you get the client: clee-r7/nexpose_java_api · GitHub [https://github.com/clee-r7/nexpose_java_api] This blog post will show you how to augment the java api client and use it in 4 easy steps. The Java API client uses XML templates to generate requests. Browse to the src/org/rapid7/nexpose/api folder within the API source code, you will see the templates for the currently supported API client requests. i.e:  AssetGroupSaveRequest.xml. There are currently 2 versions of