2 min
Nexpose
Vulnerability Regression Monitoring With Nexpose
Recently I've been diving into some advanced
[/2016/05/26/impact-driven-risk-analysis] and targeted
[/2016/05/31/targeted-analysis-default-accounts] analysis features. Today I'd
like to keep things simple while still addressing a significant use case -
Vulnerability Regression. Often the immediate response to a high-visibility
vulnerability does not include setting up future monitoring, which leaves the
door open for the same vulnerability to show back up time and again.
[RELATED: Vulnerabi
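The regression check the post describes, as an added example that is not Nexpose's own logic: given a time-ordered series of scan snapshots, report every finding that was remediated and later reported again on the same asset. The snapshot data is constructed for illustration; an asset missing from a snapshot is treated as not scanned, not as fixed, so a host that was simply offline does not produce false regressions.

```python
"""Detect vulnerability regressions across a time-ordered series of scan results.

A regression is a finding that was present on an asset, absent in a later scan
(remediated), and present again in a subsequent scan. Added example, not
Nexpose code; SNAPSHOTS below is constructed data.
"""
from collections import defaultdict

# Constructed sample: each snapshot is (scan_date, {asset: {finding_id, ...}}).
# db01 was not scanned on 2016-04-15 at all (e.g. offline), so its findings
# must not be counted as remediated on that date.
SNAPSHOTS = [
    ("2016-03-01", {"web01": {"ssl-drown", "weak-ssh-ciphers"},
                    "db01": {"default-account-sa"}}),
    ("2016-04-01", {"web01": {"weak-ssh-ciphers"},
                    "db01": set()}),
    ("2016-04-15", {"web01": {"weak-ssh-ciphers"}}),
    ("2016-05-01", {"web01": {"ssl-drown"},
                    "db01": {"default-account-sa"}}),
    ("2016-06-01", {"web01": {"ssl-drown"},
                    "db01": set()}),
]


def find_regressions(snapshots):
    """Return {(asset, finding): [(fixed_on, reappeared_on), ...]} for every
    finding that disappeared from an asset and then came back."""
    snapshots = sorted(snapshots, key=lambda s: s[0])
    open_findings = set()   # (asset, finding) present in that asset's last scan
    fixed_on = {}           # (asset, finding) -> date it was first reported absent
    regressions = defaultdict(list)
    for date, findings in snapshots:
        # Only assets that appear in this snapshot were scanned; others are skipped.
        for asset, current in findings.items():
            previously_open = {f for (a, f) in open_findings if a == asset}
            for finding in previously_open - current:
                open_findings.discard((asset, finding))
                fixed_on[(asset, finding)] = date
            for finding in current:
                key = (asset, finding)
                if key in fixed_on:
                    regressions[key].append((fixed_on.pop(key), date))
                open_findings.add(key)
    return dict(regressions)


if __name__ == "__main__":
    for (asset, finding), events in sorted(find_regressions(SNAPSHOTS).items()):
        for fixed, back in events:
            print("%s: %s fixed %s, back on %s" % (asset, finding, fixed, back))
```

Feeding this the same data on a schedule (after every scan, or after each content update that re-runs a delta scan) is the monitoring step the post says is usually skipped: a non-empty result is the alert.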
2 min
Nexpose
Update Tuesday, June 2016
June continues an ongoing trend with Microsoft's products: the majority of
bulletins (7) address remote code execution (RCE), with elevation of privilege
a close second (6); the remaining three address information disclosure (2) and
denial of service (1). All critical bulletins are remote code execution
vulnerabilities affecting a variety of products and platforms, including Edge,
Internet Explorer, Microsoft Office, Office Services and Web Apps, and Windows
(client and server). However, this mon
6 min
Vulnerability Management
Vulnerability Management Needs To Stop Slowing Security Improvement
Incremental improvement is great. Nothing, especially in the world of software,
is perfect when first released to the market, so iterative improvement is an
expectation every customer must have. But problems begin to arise for users when
incremental improvement becomes the accepted norm for long periods of time. Many
experts in the vulnerability management market believe that is what's happened
in the industry: vendors continuously spit out minimal, albeit important,
updates such as a new report
3 min
Nexpose
Nexpose Now: Because Security Doesn't Wait
Attackers don't wait for your schedule; in fact, they try to take advantage of
your 'windows of wait' while you're biding your time waiting for a scan. Think
of a typical Patch Tuesday: when you walk in on Wednesday your vulnerability
management solution has all the checks, but then you wait for that next scan.
You wait for data to be recollected, assessed, and then hopefully served up in
a way that is intuitive and describes exactly what you need to do, and when.
At that point the work
5 min
Nexpose
Focusing on Default Accounts - Targeted Analysis With Nexpose
In my last blog post I went in depth on Impact Driven Analysis and Response
[/2016/05/26/impact-driven-risk-analysis], an often-overlooked but very handy
analysis option in Nexpose. Today I'd like to talk about another great option
for analysis - filtering assets based on their discovered vulnerabilities by
Vulnerability Category. We will use Filtered Asset search to take a focused look
at a specific category: Default Account findings.
Default accounts are high significance findings with low e
4 min
Nexpose
Impact Driven Risk Analysis and Response With Nexpose
Today I'd like to highlight an often overlooked but very handy analysis option
in Nexpose - filtering assets based on their discovered vulnerability CVSS
Impact Metrics (Confidentiality, Integrity, Availability).
We will use RealContext tags and Filtered Asset Search to answer the following
questions:
* Are there any Availability Impact findings on High Availability systems
  (e.g. web servers, authentication servers)?
* Are there any Confidentiality Impact findings on systems with Highly
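The two questions above reduce to one filter: parse each finding's CVSS v2 base vector, keep findings whose Confidentiality, Integrity or Availability metric is Partial or Complete, and intersect with the assets carrying a given tag. The following is an added example of that filter, not Nexpose's RealContext or Filtered Asset Search implementation; the inventory, tags and vectors are constructed, and the CVSS v2 vector notation (AV/AC/Au/C/I/A) is the standard one.

```python
"""Filter assets by the CVSS v2 impact metrics of their findings, crossed with
asset tags. Added example, not Nexpose code; ASSETS below is constructed."""

# Constructed inventory: asset -> (tags, [(finding_id, cvss_v2_base_vector), ...])
ASSETS = {
    "web01": ({"high-availability"}, [
        ("openssl-sslv2-enabled", "AV:N/AC:M/Au:N/C:P/I:N/A:N"),
        ("httpd-request-dos",     "AV:N/AC:L/Au:N/C:N/I:N/A:P"),
    ]),
    "hr-db01": ({"pii"}, [
        ("mssql-default-sa-account", "AV:N/AC:L/Au:N/C:C/I:C/A:C"),
    ]),
    "kiosk07": (set(), [
        ("local-privesc", "AV:L/AC:L/Au:N/C:C/I:C/A:C"),
    ]),
}

REQUIRED_METRICS = {"AV", "AC", "Au", "C", "I", "A"}


def parse_cvss2_vector(vector):
    """Parse a CVSS v2 base vector such as 'AV:N/AC:L/Au:N/C:P/I:N/A:C' into a
    dict of metric -> value. Raises ValueError on a malformed or incomplete vector
    rather than silently treating it as 'no impact'."""
    metrics = {}
    for part in vector.split("/"):
        key, sep, value = part.partition(":")
        if not sep or not key or not value:
            raise ValueError("malformed CVSS v2 vector: %r" % vector)
        metrics[key] = value
    missing = REQUIRED_METRICS - set(metrics)
    if missing:
        raise ValueError("vector missing %s: %r" % (sorted(missing), vector))
    return metrics


def has_impact(vector, metric):
    """True if the impact metric ('C', 'I' or 'A') is Partial or Complete."""
    if metric not in ("C", "I", "A"):
        raise ValueError("impact metric must be C, I or A, not %r" % metric)
    return parse_cvss2_vector(vector)[metric] in ("P", "C")


def assets_with_impact(assets, metric, tag=None):
    """Return {asset: [finding_id, ...]} for assets that have at least one finding
    with the given impact, optionally restricted to assets carrying `tag`."""
    result = {}
    for asset, (tags, findings) in assets.items():
        if tag is not None and tag not in tags:
            continue
        hits = [fid for fid, vec in findings if has_impact(vec, metric)]
        if hits:
            result[asset] = hits
    return result


if __name__ == "__main__":
    print("Availability impact on high-availability systems:",
          assets_with_impact(ASSETS, "A", tag="high-availability"))
    print("Confidentiality impact on PII systems:",
          assets_with_impact(ASSETS, "C", tag="pii"))
```

The same filter answers the Confidentiality question by swapping the metric and tag; the tag is what turns a generic CVSS filter into a business-impact one, which is the point of pairing RealContext tags with the search.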
2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple: get content to customers' consoles faster
without disrupting their workflow or their currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and,
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
2 min
Nexpose
Adaptive Security: Rapid7 Critical Vulnerability Category
Starting this week, we have added a new vulnerability category: Rapid7 Critical.
Each vulnerability comes with various pieces of information such as its CVE ID,
CVSS score, and others. These pieces of information can be very handy,
especially when you set up Automated Actions in Nexpose. Here is an example:
As you can see in the example on the right, this trigger will initiate a scan
action if there is new coverage available that meets the criteria of CVSS
2 min
Nexpose
Update Tuesday, April 2016
April continues a long-running trend with Microsoft where the majority of
bulletins (9) address remote code execution (RCE) vulnerabilities; the remaining
address elevation of privilege (2), security feature bypass and denial of
service (DoS). All critical bulletins are remote code execution issues affecting
a variety of products and platforms including Adobe Flash Player, Edge, Internet
Explorer, .NET Framework, Office, Office Services and Web Apps, Skype for
Business, Lync and Windows (client
3 min
Nexpose
Optimizing Adaptive Security: New and Known Assets
Since I started working on Rapid7's Information Security team, I've had
firsthand experience with what is arguably the hardest part of vulnerability
management: Creating and updating a complete inventory of your assets and their
vulnerabilities. While you'll never be able to achieve perfection in this
regard, Adaptive Security in Nexpose
[https://www.rapid7.com/products/nexpose/nx6.jsp] makes it significantly easier
for InfoSec teams to improve their current vulnerability management program with
1 min
Nexpose
New Policy Reports in Nexpose
With Nexpose, you can assess your network for secure configurations at the same
time as vulnerabilities, giving you a unified view of your risk and compliance
posture. The latest version of Nexpose focuses on making it easier to understand
how well you're doing and the actions to take to improve overall compliance.
Starting with Nexpose 6.2.0, users now have access to two brand new policy
reports that help you take control of your compliance program and focus on what
is important.
The first r
2 min
Nexpose
MVM Migration to Nexpose - Toolkit
As most, if not all, current Intel Security customers are aware, Intel has
announced the End-of-Life of the McAfee Vulnerability Manager (MVM). Alongside
that announcement, Intel also announced it has partnered with Rapid7 and is
recommending that current and future Intel Security customers leverage
Rapid7's Nexpose to fill their vulnerability and threat exposure management
needs.
To aid in the transition from MVM to Nexpose, Rapid7 has developed a Migration
Toolkit. The Toolkit conta
3 min
Nexpose
How to use Nexpose to find all assets affected by DROWN
Introduction
DROWN is a cross-protocol attack against TLS that abuses servers still
supporting SSLv2 (OpenSSL deployments with SSLv2 enabled being the most common
case). The attack uses SSLv2 export cipher suites to decrypt TLS sessions
protected by the same RSA key. SSLv2 was developed by Netscape and released in
February 1995. Because it contained a number of security flaws, the protocol
was completely redesigned and SSLv3 was released in 1996. Even though SSLv2
was declared obsolete two decades ago, there are still servers supporting the
protocol. What's both fascinating and devastating about the DROWN attack is
that se
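The precondition the scan is looking for is a listener that still answers an SSLv2 CLIENT-HELLO, and in particular one that accepts the 40-bit export cipher specs. Below is an added example of that probe, not Nexpose's DROWN check: it builds an SSLv2 CLIENT-HELLO offering every SSLv2 cipher spec, decodes the SERVER-HELLO a legacy server answers with, and flags export support. The record and message layouts are those of the SSLv2 draft specification; the SERVER-HELLO used in the self-test is constructed, not a capture, and the probe() helper is the only part that touches the network. Note that DROWN only needs the SSLv2 server to share its RSA key with a TLS service; the export ciphers make the attack cheap, but any SSLv2 support is a finding.

```python
"""Probe a host for SSLv2 support and export cipher suites (the DROWN precondition).

Added example, not Nexpose's check. build_client_hello() emits an SSLv2
CLIENT-HELLO; parse_server_hello() decodes the SERVER-HELLO; probe() wires them
to a socket. SAMPLE_SERVER_HELLO is constructed test data, not a capture.
"""
import os
import socket
import struct

# SSLv2 cipher specs, 3 bytes each. The two 40-bit export specs are the ones
# that make a server a cheap DROWN oracle.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
EXPORT_CIPHERS = {b"\x02\x00\x80", b"\x04\x00\x80"}
NO_SSLV2 = {"sslv2": False, "ciphers": [], "export": False, "cert_len": 0}


def build_client_hello(challenge=None):
    """SSLv2 CLIENT-HELLO offering every cipher spec, in a 2-byte record header
    (high bit set, 15-bit length)."""
    challenge = challenge or os.urandom(16)
    specs = b"".join(SSLV2_CIPHERS)
    body = (b"\x01"                       # MSG-CLIENT-HELLO
            + b"\x00\x02"                 # CLIENT-VERSION 2
            + struct.pack(">HHH", len(specs), 0, len(challenge))
            + specs + challenge)          # cipher specs, empty session id, challenge
    return struct.pack(">H", 0x8000 | len(body)) + body


def parse_server_hello(data):
    """Decode an SSLv2 record carrying SERVER-HELLO. A TLS alert, an empty reply
    or any non-SSLv2 record yields sslv2=False; a truncated SSLv2 record raises."""
    if len(data) < 2 or not data[0] & 0x80:
        return dict(NO_SSLV2)
    length = ((data[0] & 0x7f) << 8) | data[1]
    body = data[2:2 + length]
    if len(body) < 11 or body[0] != 0x04:  # MSG-SERVER-HELLO
        return dict(NO_SSLV2)
    # body[1]=SESSION-ID-HIT, body[2]=CERTIFICATE-TYPE, body[3:5]=SERVER-VERSION
    cert_len, spec_len, conn_len = struct.unpack(">HHH", body[5:11])
    if len(body) < 11 + cert_len + spec_len + conn_len:
        raise ValueError("truncated SERVER-HELLO")
    specs = body[11 + cert_len:11 + cert_len + spec_len]
    chunks = [specs[i:i + 3] for i in range(0, spec_len - spec_len % 3, 3)]
    return {
        "sslv2": True,
        "ciphers": [SSLV2_CIPHERS.get(c, "unknown-" + c.hex()) for c in chunks],
        "export": any(c in EXPORT_CIPHERS for c in chunks),
        "cert_len": cert_len,
    }


# Constructed SERVER-HELLO: fake 5-byte "certificate", three cipher specs
# (one of them export), 16-byte connection id.
_SAMPLE_CERT = b"\x30\x03\x02\x01\x00"
_SAMPLE_SPECS = b"\x01\x00\x80" + b"\x02\x00\x80" + b"\x07\x00\xc0"
_SAMPLE_BODY = (b"\x04\x00\x01\x00\x02"
                + struct.pack(">HHH", len(_SAMPLE_CERT), len(_SAMPLE_SPECS), 16)
                + _SAMPLE_CERT + _SAMPLE_SPECS + b"\xaa" * 16)
SAMPLE_SERVER_HELLO = struct.pack(">H", 0x8000 | len(_SAMPLE_BODY)) + _SAMPLE_BODY


def probe(host, port=443, timeout=5):
    """Send the CLIENT-HELLO and decode the reply. Servers that reject SSLv2
    usually close the connection or answer with a TLS alert."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        data = b""
        while len(data) < 2 or len(data) < 2 + (((data[0] & 0x7f) << 8) | data[1]):
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
            if not data[0] & 0x80:        # not an SSLv2 record, stop reading
                break
    return parse_server_hello(data)


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(probe(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 443))
    else:
        print(parse_server_hello(SAMPLE_SERVER_HELLO))
```

Run it with a host and port to probe a single listener; run it with no arguments to see the decoded constructed SERVER-HELLO. Point it only at systems you are authorised to test, and remember that a negative from one port says nothing about other services (SMTP, IMAP, POP) that may share the same RSA key and still speak SSLv2.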
1 min
Nexpose
Nexpose OS Fingerprinting Feedback
Have you ever run a Nexpose scan and had the wrong operating system identified
for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you
scanned an embedded device we haven't seen before. The March 9th release of
Nexpose (6.1.14) has a new feature that allows you to easily report such
fingerprinting errors to Rapid7 and helps us improve fingerprinting accuracy.
No need to open a support ticket!
A new feedback button (circled below), available on the Asset detail page next
to
1 min
Nexpose
Nexpose Receives AWS Certification
Rapid7's Nexpose just became the first Threat Exposure Management solution to
complete AWS' new rigorous pre-authorized scanning certification process!
Normally, a customer must request permission from AWS support to perform
vulnerability scans. This request must be made for each vulnerability scan
engine or penetration testing tool and renewed every 90 days. The new
pre-authorized Nexpose scan engine streamlines the process. When a
pre-authorized scan engine is launched from the AWS Marketplac