5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q1 2022 in Review
The product updates our vulnerability management (VM) team has made to InsightVM and Nexpose in the last quarter will empower you to stay in charge — not the vulnerabilities.
5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q4 2021 in Review
As we enter into the new year, we wanted to provide a recap of product releases and features in InsightVM and Nexpose for Q4 2021.
4 min
InsightVM
InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning
Scan Diagnostics will report a “vulnerable” result against assets when the Scan Engine is supplied with credentials but is unable to gather local information, so you can tell a failed authenticated scan apart from a clean one.
3 min
Research
Recog: Data Rules Everything Around Me
Rapid7 has updated the recog framework to help solve the conundrum of content versus code.
2 min
Vulnerability Management
Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)
InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.
2 min
InsightVM
Nmap Service Detection for Nexpose and InsightVM Scan Engines
As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to existing detection methods to improve the discovery of previously unsupported protocols and services.
3 min
InsightVM
Implementing Credential Hygiene with CyberArk and InsightVM
Effectively assess your assets with a scan engine while keeping your credentials safe with the integration between CyberArk and InsightVM and Nexpose.
4 min
Customer Perspective
Automation in Action: How Carnegie Mellon University Combats Vulnerabilities Using Nexpose
We recently spoke with Brian W. Gray, Information Security Engineer for Carnegie Mellon University, about how he manages vulnerabilities with Rapid7's vulnerability assessment solution, Nexpose.
3 min
Nexpose
AWS power-up: Tag import, asset cleanup, AssumeRole, ad-hoc scan
AWS instances present many challenges to security practitioners, who must manage
the spikes and dips of resources in infrastructures that deal in very
short-lived assets. Better and more accurate syncing of when instances are spun
up or down, altered, or terminated directly impacts the quality of security
data.
A New Discovery Connection
Today we’re excited to announce better integration between the Security Console
and Amazon Web Services with the new Amazon Web Services Asset Sync discovery
c
2 min
Vulnerability Management
Apache Struts S2-052 (CVE-2017-9805): What You Need To Know
Apache Struts, Again? What’s Going On?
Yesterday’s Apache Struts vulnerability announcement
[https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/]
describes an XML Deserialization issue in the popular Java framework for web
applications. Deserialization of untrusted user input, also known as CWE-502
[https://cwe.mitre.org/data/definitions/502.html], is a somewhat well-known
vulnerability pattern, and I would expect crimeware kits to
4 min
Nexpose
Vulnerability Management Market Disruptors
Gartner’s recent vulnerability management report
[https://www.gartner.com/doc/3775765] provides a wealth of insight into
vulnerability management (VM) tools and advice for how to build effective VM
programs. Although VM tools and capabilities have changed since the report’s
last iteration in 2015, interestingly one thing hasn’t: Gartner’s analysis of
potential disruptors to VM tools and practices.
Great minds think alike, as we’ve been heavily investing in these areas to help
our customers over
4 min
Nexpose
R7-2017-13 | CVE-2017-5243: Nexpose Hardware Appliance SSH Enabled Obsolete Algorithms
Summary
Nexpose [http://www.rapid7.com/products/nexpose] physical appliances shipped
with an SSH configuration that allowed obsolete algorithms to be used for key
exchange and other functions. Because these algorithms are enabled, attacks
involving authentication to the hardware appliances are more likely to succeed.
We strongly encourage current hardware appliance owners to update their systems
to harden their SSH configuration using the steps outlined under “Remediation”
below. In addition, Ra
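An added example, not Rapid7's remediation script and not text from the advisory: a POSIX shell audit that flags obsolete key-exchange, cipher and MAC algorithms in an sshd_config and prints the hardened directive with the obsolete entries removed. The sample configuration and the lists of what counts as obsolete are constructed for illustration and follow common SSH hardening guidance; the appliance's actual shipped configuration and the advisory's exact remediation steps are not reproduced here.

```shell
#!/bin/sh
# Added example (not Rapid7's code): audit an sshd_config for obsolete
# algorithms and show the hardened directive. Lists below are an assumption
# based on common hardening guidance, not the advisory's own enumeration.

# Constructed sample sshd_config with deliberately weak entries mixed in.
SAMPLE_SSHD_CONFIG='Port 22
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,curve25519-sha256@libssh.org
Ciphers aes128-cbc,3des-cbc,aes256-ctr,aes256-gcm@openssh.com
MACs hmac-md5,hmac-sha1,hmac-sha2-256
'

# Algorithms treated as obsolete (assumed lists, see lead-in).
OBSOLETE_KEX='diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha1'
OBSOLETE_CIPHERS='3des-cbc aes128-cbc aes192-cbc aes256-cbc arcfour arcfour128 arcfour256 blowfish-cbc cast128-cbc'
OBSOLETE_MACS='hmac-md5 hmac-md5-96 hmac-sha1 hmac-sha1-96 hmac-ripemd160'

# directive_line KEYWORD CONFIG -> first line of CONFIG that sets KEYWORD (empty if absent)
directive_line() {
    printf '%s\n' "$2" | grep -i "^[[:space:]]*$1[[:space:]]" | head -n 1
}

# weak_algos KEYWORD OBSOLETE_LIST CONFIG -> space-separated obsolete algorithms enabled for KEYWORD
weak_algos() {
    line=$(directive_line "$1" "$3")
    [ -z "$line" ] && return 0      # directive absent: server defaults apply, nothing to report here
    found=''
    for a in $(printf '%s' "$line" | awk '{print $2}' | tr ',' ' '); do
        for o in $2; do
            [ "$a" = "$o" ] && found="$found $a"
        done
    done
    printf '%s' "${found# }"
}

# hardened_line KEYWORD OBSOLETE_LIST CONFIG -> the same directive with obsolete entries dropped
hardened_line() {
    line=$(directive_line "$1" "$3")
    [ -z "$line" ] && return 0
    kept=''
    for a in $(printf '%s' "$line" | awk '{print $2}' | tr ',' ' '); do
        bad=0
        for o in $2; do
            [ "$a" = "$o" ] && bad=1
        done
        [ "$bad" -eq 0 ] && kept="$kept,$a"
    done
    printf '%s %s' "$1" "${kept#,}"
}

# audit CONFIG -> prints findings; returns 1 if any obsolete algorithm is enabled, 0 otherwise
audit() {
    status=0
    for spec in "KexAlgorithms|$OBSOLETE_KEX" "Ciphers|$OBSOLETE_CIPHERS" "MACs|$OBSOLETE_MACS"; do
        kw=${spec%%|*}
        ob=${spec#*|}
        w=$(weak_algos "$kw" "$ob" "$1")
        if [ -n "$w" ]; then
            echo "$kw enables obsolete: $w"
            echo "  hardened -> $(hardened_line "$kw" "$ob" "$1")"
            status=1
        fi
    done
    return $status
}

# Run against the constructed sample; on a real appliance pass "$(cat /etc/ssh/sshd_config)".
audit "$SAMPLE_SSHD_CONFIG"
```

The audit only reads directives that are explicitly set; when a directive is absent the server's compiled-in defaults apply, which this script does not model. To confirm what a running daemon actually offers, check from the network (for example with nmap's ssh2-enum-algos script) rather than trusting the file alone.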
3 min
Nexpose
InsightVM/Nexpose Patch Tuesday Reporting
Many of our customers wish to report specifically on Microsoft patch-related
vulnerabilities
[https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/]. This
often includes specific vulnerabilities that are patched in Patch Tuesday
updates. This post will show you the various ways that you can create reports
for each of these.
Remediation Projects
Remediation Projects are a feature included in InsightVM
[https://www.rapid7.com/products/insightvm/] that allow you to get a live view
2 min
Nexpose
Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose
Just when you'd finished wiping away your WannaCry
[/2017/05/12/wanna-decryptor-wncry-ransomware-explained] tears, the interwebs
dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494
[https://www.rapid7.com/db/vulnerabilities/samba-cve-2017-7494] (no snazzy name
as of the publishing of this blog, but hopefully something with a Lion King
reference will be created soon).
As with WannaCry, we wanted to keep this simple. First, check out Jen Ellis's
overview of the Samba vulnerabil
1 min
Nexpose
WannaCry - Scanning & Reporting
In light of the recent WannaCry Ransomware attacks, I thought it'd be great to
share ways of finding out which assets are susceptible to this attack.
1) Create a custom scan template to check for MS17-010
The easiest way to create a custom template is by making a copy of an existing
template: Administration -> Templates -> Click: Manage Templates -> Copy: Full
audit enhanced logging without Web Spider -> IMPORTANT: Name your copy of the
Scan Template -> Click: Vulnerability Checks -> Click: By I