Posts tagged Nexpose

2 min Nexpose

Vulnerability Regression Monitoring With Nexpose

Recently I've been diving into some advanced [/2016/05/26/impact-driven-risk-analysis] and targeted [/2016/05/31/targeted-analysis-default-accounts] analysis features. Today I'd like to keep things simple while still addressing a significant use case - Vulnerability Regression. Often times the immediate response to high visibility vulnerabilities does not involve setting up future monitoring, leaving the door open for the same vulnerabilities to show back up time and again. [RELATED: Vulnerabi

2 min Nexpose

Update Tuesday, June 2016

June continues an on-going trend with Microsoft's products where the majority of bulletins (7) address remote code execution (RCE) with elevation of privilege as a close second (6); the three address information disclosure (2) and denial of service. All critical bulletins are remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services and Web Apps as well as Windows (client and server). However, this mon

6 min Vulnerability Management

Vulnerability Management Needs To Stop Slowing Security Improvement

Incremental improvement is great. Nothing, especially in the world of software, is perfect when first released to the market, so iterative improvement is an expectation every customer must have. But problems begin to arise for users when incremental improvement becomes the accepted norm for long periods of time. Many experts in the vulnerability management market believe that is what's happened in the industry: vendors continuously spit out minimal, albeit important, updates such as a new report

3 min Nexpose

Nexpose Now: Because Security Doesn't Wait

Attackers don't wait for your schedule, in fact, they try and take advantage of your ‘windows of wait' when you're biding your time waiting for a scan. Just think of your typical Patch Tuesday, when you walk in on Wednesday your vulnerability management solution has all the checks, but then you wait for that next scan. You wait for data to be recollected, assessed, and then hopefully served up in a way that is intuitive and describes exactly what you need to do, and when. At that point the work

5 min Nexpose

Focusing on Default Accounts - Targeted Analysis With Nexpose

In my last blog post I went in depth on Impact Driven Analysis and Response [/2016/05/26/impact-driven-risk-analysis], an often-overlooked but very handy analysis option in Nexpose. Today I'd like to talk about another great option for analysis - filtering assets based on their discovered vulnerabilities by Vulnerability Category. We will use Filtered Asset search to take a focused look at a specific category: Default Account findings. Default accounts are high significance findings with low e

4 min Nexpose

Impact Driven Risk Analysis and Response With Nexpose

Today I'd like to highlight an often overlooked but very handy analysis option in Nexpose - filtering assets based on their discovered vulnerability CVSS Impact Metrics (Confidentiality, Integrity, Availability). We will use RealContext tags and Filtered Asset Search to answer the following questions: * Are there any Availability Impact findings on High Availability systems? ( i.e. web servers, authentication servers) * Are there any Confidentiality Impact findings on systems with Highly

2 min Nexpose

Nexpose Content Release Cadence

Over the past year our Nexpose team has taken on the challenge of overhauling our product and internal processes to enable more frequent and seamless content releases. The objective is simple, get customers content to their consoles faster without disrupting their workflow and currently running or scheduled scans. This enables security teams to respond to industry trends much faster and coupled with our new adaptive security feature enables low impact delta scans of just the new or updated vulne

2 min Nexpose

Adaptive Security: Rapid7 Critical Vulnerability Category

Starting this week, we have added a new vulnerability category: Rapid7 Critical. When we examine a typical vulnerability, each vulnerability comes with various pieces of information such as CVE id, CVSS score, and others. These pieces of information can be very handy especially when you set up Automated Actions in Nexpose. Here is an example: As you can see the example on the right, this trigger will initiate a scan action if there is a new coverage available that meets the criteria of CVSS

2 min Nexpose

Update Tuesday, April 2016

April continues a long-running trend with Microsoft where the majority of bulletins (9) address remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (2), security feature bypass and denial of service (DOS). All critical bulletins are remote code execution issues affecting a variety of products and platforms including Adobe Flash Player, Edge, Internet Explorer, .NET Framework, Office, Office Services and Web Apps, Skype for Business, Lync and Windows (client

3 min Nexpose

Optimizing Adaptive Security: New and Known Assets

Since I started working on Rapid7's Information Security team, I've had firsthand experience with what is arguably the hardest part of vulnerability management: Creating and updating a complete inventory of your assets and their vulnerabilities. While you'll never be able to achieve perfection in this regard, Adaptive Security in Nexpose [] makes it significantly easier for InfoSec teams to improve their current vulnerability management program with

1 min Nexpose

New Policy Reports in Nexpose

With Nexpose, you can assess your network for secure configurations at the same time as vulnerabilities, giving you a unified view of your risk and compliance posture. The latest version of Nexpose focuses on making it easier to understand how well you're doing and the actions to take to improve overall compliance. Starting with Nexpose 6.2.0, users now have access to two brand new policy reports that help you take control of your compliance program and focus on what is important. The first r

2 min Nexpose

MVM Migration to Nexpose - Toolkit

As most, if not all, current Intel Security customers are aware, Intel has announced the End-of-Life of the McAfee Vulnerability Manager, aka. MVM. Coupled with that announcement, Intel also announces it has partnered with Rapid7 and is recommending that current, and future Intel Security customers, leverage Rapid7's Nexpose to fill their vulnerability and threat exposure management needs. To aid in the transition from MVM to Nexpose, Rapid7, has developed a Migration Toolkit. The Toolkit conta

3 min Nexpose

How to use Nexpose to find all assets affected by DROWN

Introduction DROWN is a cross-protocol attack against OpenSSL. The attack uses export cipher suites and SSLv2 to decrypt TLS sessions. SSLv2 was developed by Netscape and released in February 1995. Due to it containing a number of security flaws, the protocol was completely redesigned and SSLv3 was released in 1996. Even though SSLv2 was declared obsolete over 20 years ago, there are still servers supporting the protocol. What's both fascinating and devastating about the DROWN attack, is that se

1 min Nexpose

Nexpose OS Fingerprinting Feedback

Have you ever run a Nexpose scan and had the wrong operating system identified for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you scanned an embedded device we haven't seen before. The March 9th release of Nexpose (6.1.14) has a new feature that allows you easily report such fingerprinting errors to Rapid7 and helps us to improve fingerprinting accuracy. No need to open a support ticket! A new feedback button (circled below), available on the Asset detail page next to

1 min Nexpose

Nexpose Receives AWS Certification

Rapid7's Nexpose just became the first Threat Exposure Management solution to complete AWS' new rigorous pre-authorized scanning certification process! Normally, a customer must request permission from AWS support to perform vulnerability scans. This request must be made for each vulnerability scan engine or penetration testing tool and renewed every 90 days. The new pre-authorized Nexpose scan engine streamlines the process. When a pre-authorized scan engine is launched from the AWS Marketplac