5 min
Vulnerability Management
How to Remediate Vulnerabilities Across Multiple Offices
Your vulnerability scanner [https://www.rapid7.com/products/insightvm/] embarks
on its weekly scan. The report comes in, you fire it off to your IT team across
the country and...silence. Thinking they’re on it, you go on with your day,
until next week’s scan report comes in and you find out that not everything was
fixed and issues have progressed.
For companies with distributed offices, it can be tricky to communicate issues
to teammates you have limited facetime with, get things done quickly w
3 min
InsightVM
Vulnerability Management Year in Review, Part 3: Remediate
The wide impact
[https://www.wired.com/story/petya-ransomware-outbreak-eternal-blue/] of the
Petya-like ransomware [/2017/06/27/petya-ransomware-explained/] in 2017, mere
weeks after WannaCry [/2017/05/12/wanna-decryptor-wncry-ransomware-explained/]
exploited many of the same vulnerabilities, illustrated the challenge that
enterprises have with remediating even major headline-grabbing vulnerabilities,
let alone the many vulnerabilities that don’t get news coverage. To this end,
Rapid7’s vulner
4 min
GDPR
Creating a Risk-Based Vulnerability Management Program for GDPR with InsightVM
The General Data Protection Regulation’s (GDPR)
[https://www.rapid7.com/solutions/compliance/gdpr/] deadline in 2018 is rapidly
approaching, and as companies prepare for GDPR compliance
[/2017/02/23/preparing-for-gdpr/], they’re facing a struggle that’s plagued
every security program for years: how to quantify that nebulous, scary thing
called “risk.” GDPR compliance [https://www.rapid7.com/fundamentals/gdpr/]
specifically talks about “risk” several times in its guidelines, particularly in
Arti
1 min
Cleaning House: Maintaining an accurate and relevant vulnerability management program
When Nexpose [https://www.rapid7.com/products/nexpose/] launched in the early
2000s, technology was vastly different from the world we live in today: most
people connected to the internet over dial-up modems, personal computers were
shared within the household, and televisions were still set-top boxes.
Technology has evolved dramatically since then, and Rapid7's vulnerability
management solutions
[https://www.rapid7.com/solutions/vulnerability-management/] have evolved to
meet the needs of secur
2 min
Nexpose
Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose
Just when you'd finished wiping away your WannaCry
[/2017/05/12/wanna-decryptor-wncry-ransomware-explained] tears, the interwebs
dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494
[https://www.rapid7.com/db/vulnerabilities/samba-cve-2017-7494] (no snazzy name
as of the publishing of this blog, but hopefully something with a Lion King
reference will be created soon).
As with WannaCry, we wanted to keep this simple. First, check out Jen Ellis's
overview of the Samba vulnerabil
4 min
Container Security
Modern Network Coverage and Container Security in InsightVM
For a long time, the concept of “infrastructure” remained relatively unchanged:
Firewalls, routers, servers, desktops, and so on make up the majority of your
network. Yet over the last few years, the tides have begun to shift.
Virtualization is now ubiquitous, giving employees tremendous leeway in their
ability to spin up and take down new machines at will. Large chunks of critical
processes and applications run in cloud services like Amazon Web Services (AWS)
and Microsoft Azure. Containers hav
4 min
Ransomware
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
*Update 5/18/17: EternalBlue exploit (used in WannaCry attack) is now available
in Metasploit for testing your compensating controls and validating
remediations. More info: EternalBlue: Metasploit Module for MS17-010
[/2017/05/20/metasploit-the-power-of-the-community-and-eternalblue]. Also
removed steps 5 and 6 from scan instructions as they were not strictly necessary
and causing issues for some customers.
*Update 5/17/17: Unauthenticated remote checks have now been provided. For hosts
that ar
3 min
InsightVM
InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)
In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity
inherent in security analytics. This reality was introduced first to our
InsightIDR [https://www.rapid7.com/products/insightidr/] users, who now had the
capabilities of a SIEM [https://rapid7.com/solutions/siem/], powered by user
behavior analytics (UBA) [https://rapid7.com/solutions/user-behavior-analytics/]
and endpoint detection
[https://www.rapid7.com/solutions/endpoint-detection-and-response/]. Soon we
started
1 min
Awards
2017 Cybersecurity Excellence Awards: And the Nominees Are...
With the end of the year comes the annual "best of" awards season, and cybersec
is no different. This year, Rapid7 has been nominated for 10 awards at the
Cybersecurity Excellence Awards [http://cybersecurity-excellence-awards.com/]!
It's up to you, the practitioners and folks in the trenches, to vote for your
top choice in each category and choose a winner.
To help recognize our people and products, we could use your help in voting.
Each category is listed below and ready for you to vote on.
3 min
Nexpose
Vulnerability Categories and Severity Levels: "Informational" Vulnerabilities vs. True Vulnerabilities
A question that often comes up when looking at vulnerability management tools
[https://www.rapid7.com/products/nexpose/?CS=blog] is, “how many vulnerability
checks do you have?” It makes sense on the surface; after all, fewer
vulnerability checks = less coverage = missed vulnerabilities during a scan,
right?
As vulnerability researchers would tell you, it's not that simple: Just as not
all vulnerabilities are created equal, neither are vulnerability checks.
How “True” Vulnerability Checks Work
A
5 min
Nexpose
Vulnerability Management: Live Assessment and the Passive Scanning Trap
With the launch of Nexpose Now [https://www.rapid7.com/products/nexpose/now.jsp]
in June, we've talked a lot about the “passive scanning trap
[https://information.rapid7.com/nexpose-now-release-webcast-6.14.html]” and
“live assessment” in comparison. You may be thinking: what does that actually
mean? Good question.
There has been confusion between continuous monitoring and continuous
vulnerability assessment
[https://www.rapid7.com/solutions/vulnerability-assessment.jsp] – and I'd like
to pr
2 min
Nexpose
Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers!
We wanted to give you a preview into Nexpose's new integration with both McAfee
ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the
next stage of our partnership with Intel as their chosen vendor for
vulnerability management [PDF]
[https://www.rapid7.com/docs/Product-Brief-Nexpose-MVM-with-feature-list-FINAL-120315.pdf].
This partnership is also a first for both Rapid7 and Intel, as Nexpose is the
only vulnerability management
[https://www.rapid7.com/solutions/vulnerabi
4 min
Nexpose
Creating your First Vulnerability Scan: Nexpose Starter Tips
Welcome to Nexpose and the Rapid7 family! This blog is a step by step guide for
new Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] customers to show
you how to set up your first site, start a scan, and get your vulnerability
management
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] program
under way.
First things first: a few definitions in Nexpose:
Site: A (usually) physical group of assets; i.e. what you want to scan
Scan Template: The things that your
2 min
Nexpose
Remediating the CISCO EXTRABACON Vulnerability (CVE-2016-6366) with Nexpose
Our research team recently wrote an extensive blog
[/2016/09/06/bringing-home-the-extrabacon?CS=blog] on the EXTRABACON exploit
(finally a name that we can all get behind). Our research with Project Sonar
showed that a large number of devices and organizations are still exposed to
this vulnerability, even though a patch has been released; and today I thought
we'd get pragmatic and show how you can measure your exposure using Nexpose
vulnerability management.
[https://www.rapid7.com/s
3 min
Nexpose
Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value
In today's security ecosystem, there are several technologies/programs that are
considered to be the old dogs. They've been around the block a few times, have
a few gray hairs, and just aren't as sexy anymore. Most companies have had
these technologies for years now, and they typically don't get the headlines
that some of the newer, hotter technologies are getting. Antivirus, Email
Security, Firewalls, and Vulnerability Management are a few of these. It's hard
to compete with big-data-machin