Posts tagged Nexpose

3 min AWS

Nexpose Scan Engine on the AWS Marketplace

Update September 2017: For even more enhanced capabilities, check out the AWS Web Asset Sync Discovery Connection [/2017/09/14/aws-power-up-tag-import-asset-cleanup-assume-role-ad-hoc-scan/]. Rapid7 is excited to announce that you can now find a Nexpose Scan Engine AMI on the Amazon Web Services Marketplace making it simple to deploy a pre-authorized Nexpose Scan Engine from the AWS Marketplace to scan your AWS assets! What is an AMI ? An Amazon Machine Image (AMI) allows you to launch a virt

3 min Nexpose

Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value

In today's security ecosystem, there are several technologies/programs that are considered to be the old dogs.  They've been around the block a few times, have a few gray hairs, and just aren't as sexy anymore.  Most companies have had these technologies for years now, and they typically don't get the headlines that some of the newer, hotter technologies are getting.  Antivirus, Email Security, Firewalls, and Vulnerability Management are a few of these.  It's hard to compete with big-data-machin

1 min Nexpose

Update Tuesday, February 2016

February continues this quarter's trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011. MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution issues affecting a variety of products and platforms include Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windo

2 min Windows

Nexpose Remote Registry Activation for Windows

The Windows Registry is a database which stores all settings for a Windows system, e.g. hardware, software installed, Windows updates installed and preferences for users and their applications.  During normal day to day use a standard user will inadvertently push changes into this database when they update the system, add/remove applications and so on. Remote Registry is a Windows service which allows a non-local user to read or make changes to the registry on your Windows system when they are

1 min Nexpose

Update Tuesday, January 2016

The year's first release contains 9 bulletins, 7 remote code execution (RCE), an elevation of privilege and spoofing vulnerability. The critical bulletins (MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer (7 and onwards), Excel Viewer, Office, SharePoint Server, Silverlight, Word Viewer, VBScripting engine and all supported releases of Microsoft Window

3 min Nexpose

Nexpose Two Factor Authentication

For organizations that want additional security upon login, Nexpose and the Rapid7 Nexpose-Client Ruby Gem will support Two Factor Authentication as of the January 6, 2016 release. Two Factor Authentication requires the use of a time-based one-time password application such as Google Authenticator. Two Factor Authentication can only be enabled by a Global Administrator on the Security Console. To enable Two Factor Authentication: 1. As a Global Administrator, go to the Administration tab. 2.

3 min Nexpose

Have JBoss, Jenkins, WebLogic, WebSphere based applications? Brace yourself, they've got an unwanted Christmas present for you!

Java based server applications are prevalent throughout most corporate networks.  Thousands, if not millions, of applications are deployed using JBoss, Jenkins, WebLogic and WebSphere - so when a vulnerability affecting the underlying technology pops up, the impact can be significant.  A vulnerability was recently discovered affecting any Java application which can receive data back from users, allowing malicious actors to insert unsafe data as it attempts to ingest the information.  The applica

2 min Nexpose

More TLS Improvements in Nexpose 6.1.2

After releasing TLS Coverage Improvements in Nexpose 6.0.2 [/2015/10/14/tls-coverage-improvements-in-nexpose-602] we figured that the Nexpose Security Console should be able to abide by our own suggestions. Last year we had already disabled SSLv3 support by default and allowed configuring what other protocols are enabled on the console as well. With this week's release we're limiting the TLS cipher suites available to the console's web server by default. Similar to the protocols, the cipher suit

1 min Nexpose

New Vulnerability Filtering in Adaptive Security

Nexpose has long provided the ability to filter vulnerabilities by a wide variety of categories and operators. Starting in Nexpose 6.1, filtering in new-vulnerability actions in Adaptive Security closely mirrors that of Nexpose. New vulnerability actions were covered in a recent blog .How Adaptive Security fits into your Vulnerability Management Program). [/2015/11/20/how-adaptive-security-fits-into-your-vulnerability-management-program] Similarity to Nexpose Filtering The enhanced filters no

1 min Nexpose

Configuring the SNMP request timeout

The SNMP protocol is very common, has many implementations and is deployed in diverse networks. In some cases it responds very promptly, in others it is relatively slow to respond. We found that in some environments a 1 second request timeout was insufficient, so in Nexpose 6.1.1 we have changed the default to 3 seconds in order to improve the service and related vulnerability detection. This, however, can have a major impact on scan times on port 161 and may not be desirable on networks with l

4 min Vulnerability Management

How Adaptive Security fits into your Vulnerability Management Program

Building an Application Vulnerability Management Program, found in the SANS Institute Reading Room ( ulnerability-management-program-35297), identifies vulnerability program management as a cyclical process involving the following steps: * Policy * Discovery and Baseline * Prioritization * Shielding and Mitigation * Eliminating the Root Cause * Monitoring While the use of Nexpose applies to several of these

2 min Nexpose

Changes to OVAL in Nexpose 6.0.6

Rapid7 has made it a priority to support security industry standards, including the Open Vulnerability and Assessment Language (OVAL).  Those of you who use Nexpose to measure policy compliance, either by using the built-in CIS, DISA, and USGCB policies, or by writing your own custom policies, are using OVAL for these policies. A decision by the National Institute of Standards and Technology (NIST) has made it necessary for us to make changes in our OVAL implementation.  These changes affect po

2 min Nexpose

Update Tuesday, November 2015

November sees a mix of remote code execution and elevation of privilege vulnerabilities enabling an attacker to gain the same rights as the user when the victim opens specially crafted content, such as a webpage, journal file or document containing embedded fonts. These vulnerabilities affect Internet Explorer (7 and onwards), Edge, and Windows (Vista and onwards).  It is advisable for users and administrators to patch the affected platforms. Microsoft includes 12 security bulletins, a third of

1 min Nexpose

Increasing Risk Visibility

We at Rapid7 are committed to providing our customers with the best, most accurate vulnerability detection and remediation information. To better serve you, starting October 28th, 2015, Rapid7 will begin generating content for Nexpose in a way that will provide greater visibility into risk. This change will start with content generated for Adobe, Debian and Ubuntu and eventually all supported platforms will transition to this approach. For the end user the benefit is more accurate representation

3 min Nexpose

UserInsight Integrates with Nexpose for Total User and Asset Security Visibility

Rapid7's Vulnerability Management and User Behavior Analytics solutions [] , Nexpose and UserInsight, now integrate to provide visibility and security detection across assets and the users behind them. Combining the pair provides massive time savings and simplifies incident investigations by highlighting risk across your network ecosystem without writing queries or digging through logs. Related Resou