Posts by Nate Crampton

3 min Application Security

Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.

2 min Application Security

InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production

The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.

5 min Application Security

3 Takeaways From The 2021 VDBIR: It’s An Appandemic

According to this year's report, small companies have pulled closer to their larger counterparts when bearing the brunt of web-application breaches and are losing ground in the time it takes to discover those breaches.

2 min Application Security

Rapid7 Announces Release of New tCell Amazon CloudFront Agent

We are excited to announce tCell’s CloudFront agent, which leverages Lambda@Edge to help push security closer to the “edge” without requiring any code changes to your applications.

3 min Nexpose

Rapid7 wins SC Magazine 2015 Best Vulnerability Management Solution

We found out on Tuesday night that we won the SC Magazine Awards for Best Vulnerability Management Solution. I am extremely honored and glad that we won, and we owe it entirely to our amazing customers who have stayed with us over the years and helped us shape Nexpose into what it is today. We truly believe that customers are at our core and they are our partners—not in crime, but in anti-crime. I can't help but reflect on how much Rapid7 and Nexpose have grown since I started at Rapid7 around

2 min Nexpose

Software defined security made real

This week were headed for VMworld 2014 in San Fransisco and we're excited to be talking about how Rapid7 is partnering with industry leaders like Symantec, Palo Alto Networks, and of course VMware to build out the VMware NSX security ecosystem []. Together we've created an integrated system that collaborates together leveraging the NSX platform [] to automate risk identification and mitigation for VMware customers

2 min Nexpose

Real-time Protection from Nexpose & VMware NSX

One of Nexpose's core promises, is that we will give you actionable visibility into your physical, cloud, and virtual environments to help you identify what assets are on your network, and what are the most critical security risks to remediate. As a part of supporting that visibility, Rapid7 and VMware announced last August, that Rapid7 is the first VMware NSX network and security platform ecosystem partner [] for vulnerability management.  This

1 min Nexpose

VMworldTV Meets the Team Behind Rapid7

Earlier this week, I blogged that Rapid7 is part of VMware NSX ecosystem [/2013/08/27/rapid7-part-of-vmware-nsx-partner-ecosystem] and gave you an overview of the solution we are working on together with VMware. Check out the below interview with VMworldTV to learn more. Lee Weiner, SVP, Products & Engineering at Rapid7, talks about the integration between Nexpose-VMware NSX and the key benefits to organizations. Tas Giakouminakis, Co-Founder & CTO at Rapid7, goes through a demonstration o

2 min Nexpose

Rapid7 part of VMware NSX Partner ecosystem

We're very excited that VMware is showcasing Rapid7 as an official VMware NSX Partner [] at VMworld 2013 this week, demonstrating how we provide best-in-class vulnerability management for virtual networks. Rapid7 has been a longtime partner with VMware.  In 2011, we introduced our vAsset discovery [/2011/11/01/virtualization-introduces-new-security-gaps] method that allows Nexpose to have real-time visib

1 min Metasploit

HackMiami Web Application PwnOff - Nexpose w/Metasploit Dominated

During the HackMiami 2013 Hacker Conference []held in Miami Beach, a live Web Application Scanner PwnOff contest pitted common web scanning suites against each other. Participates included Acunetix, IBM Rational AppScan, NT OBJECTives NTOSpider, Portswigger Burp, and Rapid7 Nexpose [] with Metasploit []. In a head-to-head battle each of the automated web application scanning suites went up agai

1 min Nexpose

Announcement: End-of-Life for Nexpose 32-bit versions

Rapid7 announces the end of life of Nexpose 32-bit versions for both Windows and Linux operating systems on May 7, 2014.  This announcement applies to all editions of the Nexpose including Community, Express, Consultant, and Enterprise.  After this date Nexpose 32-bit versions will not receive product or content updates. MilestoneDescriptionDate                   End-of-life announcement dateThe date that the end-of-life date has been announced to the general public.May 8, 2013Last date of supp

2 min

'Twas the Night Before a Big Breach

'Twas the night before a big breach, when all through the internet Not a DDoS was stirring, not even against a bank. The WAF was installed by the security admin with care, In hopes that hackers soon would not be there. The assets were protected all patches were applied, While visions of exploits danced in their logs. And the CISO with her ‘reports, and I with mine, Had just settled our concerns for a long winter night. When out on the network there arose such a clatter, I sprang from the bed t

4 min

Vulnerability and Threat Data Export Leveraging "XML Export 2.0" format

A vulnerability management solution like Nexpose is often used by organizations to provide risk-based insight for potential and real threats. Nexpose provides product reporting capabilities that help organizations clearly prioritize their risk based on such aspects as exploitability, availability of malware kits and weighted and temporal risk scores. Frequently, organizations leverage this rich threat data in XML format in conjunction with other enterprise security tools such as SIEM, GRC, IPS,

2 min Virtual Infrastructure

Virtualization - Introduces New Security Gaps

This is my first blog as a Rapid7 employee.  I started in July of this year as a product manager, and my first project is helping a team build a new discovery method for Nexpose.  Virtualization has been around since the 1960s, even though it didn't start to become mainstream until the late 1990s when VMware was founded.  In the most recent years server virtualization has been growing at a rapid pace.  As it continues to spread, it introduces gaps in your security program. Over the last couple