Posts tagged Nexpose

2 min Vulnerability Management

Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)

InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.

2 min InsightVM

Nmap Service Detection for Nexpose and InsightVM Scan Engines

As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to existing detection methods to improve the discovery of previously unsupported protocols and services.

3 min InsightVM

Implementing Credential Hygiene with CyberArk and InsightVM

Effectively assess your assets with a scan engine while keeping your credentials safe with the integration between CyberArk and InsightVM and Nexpose.

4 min Customer Perspective

Automation in Action: How Carnegie Mellon University Combats Vulnerabilities Using Nexpose

We recently spoke with Brian W. Gray, Information Security Engineer for Carnegie Mellon University, about how he manages vulnerabilities with Rapid7's vulnerability assessment solution, Nexpose.

3 min Nexpose

AWS power-up: Tag import, asset cleanup, AssumeRole, ad-hoc scan

AWS instances present many challenges to security practitioners, who must manage the spikes and dips of resources in infrastructures that deal in very short-lived assets. Better and more accurate syncing of when instances are spun up or down, altered, or terminated directly impacts the quality of security data. A New Discovery Connection Today we’re excited to announce better integration between the Security Console and Amazon Web Services with the new Amazon Web Services Asset Sync discovery c

2 min Vulnerability Management

Apache Struts S2-052 (CVE-2017-9805): What You Need To Know

Apache Struts, Again? What’s Going On? Yesterday’s Apache Struts vulnerability announcement [https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/] describes an XML Deserialization issue in the popular Java framework for web applications. Deserialization of untrusted user input, also known as CWE-502 [https://cwe.mitre.org/data/definitions/502.html], is a somewhat well-known vulnerability pattern, and I would expect crimeware kits to

4 min Nexpose

Vulnerability Management Market Disruptors

Gartner’s recent vulnerability management report [https://www.gartner.com/doc/3775765] provides a wealth of insight into vulnerability management (VM) tools and advice for how to build effective VM programs. Although VM tools and capabilities have changed since the report’s last iteration in 2015, interestingly one thing hasn’t: Gartner’s analysis of potential disruptors to VM tools and practices. Great minds think alike, as we’ve been heavily investing in these areas to help our customers over

4 min Nexpose

R7-2017-13 | CVE-2017-5243: Nexpose Hardware Appliance SSH Enabled Obsolete Algorithms

Summary Nexpose [http://www.rapid7.com/products/nexpose] physical appliances shipped with an SSH configuration that allowed obsolete algorithms to be used for key exchange and other functions. Because these algorithms are enabled, attacks involving authentication to the hardware appliances are more likely to succeed. We strongly encourage current hardware appliance owners to update their systems to harden their SSH configuration using the steps outlined under “Remediation” below. In addition, Ra

3 min Nexpose

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch-related vulnerabilities [https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/]. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects Remediation Projects are a feature included in InsightVM [https://www.rapid7.com/products/insightvm/] that allow you to get a live view

2 min Nexpose

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

Just when you'd finished wiping away your WannaCry [/2017/05/12/wanna-decryptor-wncry-ransomware-explained] tears, the interwebs dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494 [https://www.rapid7.com/db/vulnerabilities/samba-cve-2017-7494] (no snazzy name as of the publishing of this blog, but hopefully something with a Lion King reference will be created soon). As with WannaCry, we wanted to keep this simple. First, check out Jen Ellis's overview of the Samba vulnerabil

1 min Nexpose

WannaCry - Scanning & Reporting

In light of the recent WannaCry Ransomware attacks, I thought it'd be great to share ways of finding out which assets are susceptible to this attack. 1) Create a custom scan template to check for MS17-010 The easiest way to create a Custom template is by making a copy of an existing template Administration -> Templates -> Click: Manage Templates -> Copy: Full audit enhanced logging without Web Spider -> IMPORTANT: Name your copy of the Scan Template -> Click: Vulnerability Checks -> Click: By I

2 min Vulnerability Management

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose [https://www.rapid7.com/products/nexpose/] and InsightVM [https://www.rapid7.com/products/insightvm/] users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. If you are a Rapid7 customer who has any questions about this issue, please don't hesitate to contact your custome

3 min Metasploit

Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story

Integrating InsightVM [https://www.rapid7.com/products/insightvm/] or Nexpose [https://www.rapid7.com/products/nexpose/] (Rapid7's vulnerability management solutions [https://www.rapid7.com/solutions/vulnerability-management/]) with Metasploit [https://www.rapid7.com/products/metasploit/] (our penetration testing solution [https://www.rapid7.com/solutions/penetration-testing/]) is a lot like Cupid playing “matchmaker” with vulnerabilities and exploit modules [https://www.rapid7.com/fundamentals

4 min Vulnerability Management

Vulnerability Management Tips for the Shadow Brokers Leaked Exploits

Rebekah Brown [/author/rebekah-brown] and the Rapid7 team have delivered a spot-on breakdown of the recent Shadow Brokers exploit and tool release. Before you read any further, if you haven't done so already, please read her post [/2017/04/18/the-shadow-brokers-leaked-exploits-faq]. It's probably not the only post you've read on this topic, but it is cogent, well-constructed and worth the 5 minutes. Back with me? With all of the media attention and discussion in the infosec community, it would

5 min Metasploit

The Shadow Brokers Leaked Exploits Explained

The Rapid7 team has been busy evaluating the threats posed by last Friday's Shadow Broker exploit and tool release [https://arstechnica.com/security/2017/04/purported-shadow-brokers-0days-were-in-fact-killed-by-mysterious-patch/] and answering questions from colleagues, customers, and family members about the release. We know that many people have questions about exactly what was released, the threat it poses, and how to respond, so we have decided to compile a list of frequently asked question

3 min InsightVM

InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)

In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR [https://www.rapid7.com/products/insightidr/] users, who now had the capabilities of a SIEM [https://rapid7.com/solutions/siem/], powered by user behavior analytics (UBA) [https://rapid7.com/solutions/user-behavior-analytics/] and endpoint detection [https://www.rapid7.com/solutions/endpoint-detection-and-response/]. Soon we started

4 min Nexpose

New Vulnerability Remediation Display in Nexpose Gets You to a Fix Faster

Background Information As part of the Nexpose [https://rapid7.com/products/nexpose/] 6.4.28 release on Wednesday, March 29th, we introduced a new way to view remediation solution data in both the Nexpose Console UI and the Top Remediations Report [https://www.rapid7.com/resources/nexpose-top-remediation-report-vid/]. Over the years, we've heard from our customers that the Top Remediations Report is one of the most useful features in our vulnerability management solution [https://www.rapid7.com/

1 min Application Security

Apache Struts Vulnerability (CVE-2017-5638) Protection: Scanning with Nexpose

On March 9th, 2017 we highlighted the availability of a vulnerability check in Nexpose for CVE-2017-5638 [https://rapid7.com/db/modules/exploit/multi/http/struts2_content_type_ognl] – see the full blog post describing the Apache Struts vulnerability here [/2017/03/09/apache-jakarta-vulnerability-attacks-in-the-wild]. This check would be performed against the root URI of any HTTP/S endpoints discovered during a scan. On March 10th, 2017 we added an additional check that would work in conjunctio

2 min Metasploit

Protecting Your Web Apps with AppSpider Defend Until They Can Be Patched

AppSpider [https://rapid7.com/products/appspider/] scans can detect exploitable vulnerabilities in your applications, but once these vulnerabilities are detected how long does it take your development teams to create code fixes for them? In some cases it could take several days to weeks before a fix/patch to resolve the vulnerability can be deployed, and during this time someone could be actively exploiting this issue in your application. AppSpider Defend, which is now integrated into AppSpide

7 min Metasploit

Multiple Vulnerabilities Affecting Four Rapid7 Products

Today, we'd like to announce eight vulnerabilities that affect four Rapid7 products, as described in the table below. While all of these issues are relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. If you are a Rapid7 customer who has any questions about these issues, please don't hesitate to contact your customer success manager (CSM), our support team, or leave a comment below. For

1 min Nexpose

CVE-2017-3823: Remote Code Execution Vulnerability in Cisco WebEx Browser Plugin

On January 21st 2017, Google's Project Zero disclosed a vulnerability in Cisco's WebEx browser plugin extension that could allow attackers to perform a remote code execution (RCE) exploit on any Windows host running the plugin. An initial fix was pushed out by Cisco that warned a user if they were launching a meeting from a domain other than *.webex.com or *.webex.com.cn; however, the fix was questioned by April King from Mozilla [https://bugs.chromium.org/p/project-zero/issues/detail?id=1096#c

2 min Nexpose

Scan Configuration Improvements in Nexpose

A common request we hear from customers is for the ability to schedule scans on individual assets, or on subsets of assets. Currently, you can start a manual scan and choose specific IPs, engine and template, but you need to have permissions to create sites in order to schedule such a scan. Good news! In version 6.4.18 of Nexpose, released Jan 25th 2017, we've addressed this! Now individual site owners can create schedules and choose specific IPs, ranges or asset groups to kick off a

2 min Nexpose

Maximizing PCI Compliance with Nexpose and Coalfire

In 2007 Coalfire selected Rapid7 Nexpose as the engine around which to build their PCI Approved Scan Vendor offering. PCI was just a few years old and merchants were struggling to achieve and document full compliance with the highly prescriptive Data Security Standard. Our goal was to find that classic sports car blend of style and power: a vulnerability assessment solution that was as streamlined and easy to use as possible, but robust enough to significantly improve the customer's security.

2 min Nexpose

Patch Tuesday, January 2017

Update: See below for an update for the upcoming February Patch Tuesday. Microsoft starts off the year with 4 bulletins [https://technet.microsoft.com/library/security/ms17-jan] and continues a long running trend with their products where the majority of bulletins (2) are remote code execution (RCE) followed by an even distribution of elevation of privilege and denial of service. Missing from this month's list of affected products is Internet Explorer, which typically complements the Edge bull

4 min Nexpose

macOS Agent in Nexpose Now

As we look back on a super 2016, it would be easy to rest on one's laurels and wax poetic on the halcyon days of the past year. But at Rapid7 the winter holidays are no excuse for slowing down: The macOS Rapid7 Insight Agent is now available within Nexpose Now. Live Monitoring for macOS Earlier this year, we introduced Live Monitoring for Endpoints [/2016/09/28/live-monitoring-for-endpoints] with the release of a Windows agent for use with Nexpose Now. The feedback from the Community has been

2 min Nexpose

Giving the Gift of Time: Nexpose Adaptive Security Improvements

'Tis the holiday season and the Nexpose [https://www.rapid7.com/products/nexpose/] team is in the giving spirit! At the Rapid7 workshop, we've been busy little helpers building toys for deserving security teams throughout the year. Here are just some of the goodies you can take advantage of NOW: * Remediation Workflows [/2016/09/28/vulnerability-remediation-with-nexpose] - create and assign remediation projects to get to a fix faster * Liveboards [/2016/08/16/nexpose-now-notes-august-2016] -

3 min Nexpose

Vulnerability Categories and Severity Levels: "Informational" Vulnerabilities vs. True Vulnerabilities

A question that often comes up when looking at vulnerability management tools [https://www.rapid7.com/products/nexpose/?CS=blog] is, “how many vulnerability checks do you have?” It makes sense on the surface; after all, fewer vulnerability checks = less coverage = missed vulnerabilities during a scan, right? As vulnerability researchers would tell you, it's not that simple: Just as not all vulnerabilities are created equal, neither are vulnerability checks. How “True” Vulnerability Checks Work A

2 min Nexpose

Patch Tuesday, December 2016

December [https://technet.microsoft.com/en-us/library/security/ms16-dec.aspx] continues a long running trend with Microsoft's products where the majority of bulletins (6) are dominated by remote code execution (RCE) followed by an even distribution of elevation of privilege (3) and information disclosure (3). All of this month's critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Exchange, Microsoft Offic

3 min Nexpose

Nexpose Dimensional Data Warehouse and Reporting Data Model: What's the Difference?

The Data Warehouse Export recently [/2016/11/24/dimensional-data-warehouse-export-part-of-nexpose-646] added support for a Dimensional Model for its export schema. This provides a much more comprehensive, accessible, and scalable model of data than the previous (now referred to as "Legacy") model. The foundation for this dimensional model is the same as the Reporting Data Model, which backs the built-in reporting for SQL Query Export. So what exactly is the difference between the Reporting Data

5 min Nexpose

Vulnerability Management: Live Assessment and the Passive Scanning Trap

With the launch of Nexpose Now [https://www.rapid7.com/products/nexpose/now.jsp] in June, we've talked a lot about the “passive scanning trap [https://information.rapid7.com/nexpose-now-release-webcast-6.14.html]” and “live assessment” in comparison. You may be thinking: what does that actually mean? Good question. There has been confusion between continuous monitoring and continuous vulnerability assessment [https://www.rapid7.com/solutions/vulnerability-assessment.jsp] – and I'd like to pr

3 min Nexpose

Vulnerability Assessment Reports in Nexpose: The Right Tool for the Right Job

Nexpose supports a variety of complementary reporting solutions that allow you to access, aggregate, and take action upon your scan data. However, knowing which solution is best for the circumstance can sometimes be confusing, so let's review what's available to help you pick the right tool for the job. I want to pull a vulnerability assessment report out of Nexpose. What are my options? Web Interface The Nexpose web interface provides a quick and easy way to navigate through your data. You ca

3 min Nexpose

Dimensional Data Warehouse Export, Part of Nexpose 6.4.6

Can You Be Trusted with the Sword of a Thousand Truths? Does the vision of what you want to accomplish appear to you so clearly that it seems real? After all, you already have the custom integrations, tools, and workflows set that make the most sense in your world. They are tailored to your organization's unique needs. They are tuned and ready to go – or at least they would be if only you could just get your data. You know that with this, you'd be unstoppable. You want the Sword of a Thousand

1 min Nexpose

Intel Security FOCUS 16 - Recap of a great conference!

Intel Security's user conference FOCUS 16 wrapped up last week, and it was a great experience for Intel Security customers, partners and Rapid7. We announced some exciting new integrations, met with dozens of great mutual customers, and even won some crystal! Here are the highlights of Rapid7's big week at the show: * We're the real MVP! Rapid7 was named Most Valuable Partner [https://securingtomorrow.mcafee.com/business/security-connected/intel-security-innovation-alliance-2016-devcon-awa

3 min Nexpose

Patch Tuesday, November 2016

November [https://technet.microsoft.com/en-us/library/security/ms16-nov.aspx] continues a long running trend with Microsoft's products where the majority of bulletins (7) address remote code execution (RCE), closely followed by elevation of privilege (6) and security feature bypass (1). All of this month's critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Exchange, Microsoft Office, Office Services and

11 min Metasploit

NCSAM: Understanding UDP Amplification Vulnerabilities Through Rapid7 Research

October is National Cyber Security Awareness month and Rapid7 is taking this time to celebrate security research. This year, NCSAM coincides with new legal protections for security research under the DMCA [/2016/10/03/cybersecurity-awareness-month-2016-this-ones-for-the-researchers] and the 30th anniversary of the CFAA - a problematic law that hinders beneficial security research. Throughout the month, we will be sharing content that enhances understanding of what independent security research

3 min Nexpose

Nexpose and DXL Integration: Now We're Talking

Staying Ahead of New Vulnerabilities The security threat landscape is constantly shifting and there are a multitude of solutions for managing threats. An unfortunate effect of having a large toolbox is that the more tools and vendors you have in your toolbox, the more complex your management task becomes. When one facet of your security infrastructure becomes aware of risks, how can you most effectively utilize your full security ecosystem to combat them? With Nexpose's Adaptive Security [https://ww

3 min Nexpose

Publishing Nexpose Asset Risk Scores to ePO

Security professionals today face great challenges protecting their assets from breaches by hackers and malware. A good vulnerability management solution [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] could help mitigate these challenges, but vulnerability management solutions often produce huge volumes of data from scanning and require lots of time spent in differentiating between information and noise. Rapid7 Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog]

3 min Nexpose

Discovery of ePO Assets in Nexpose

As a corporate network grows and new locations are opened up, it becomes increasingly difficult for companies to keep track of and understand their total asset count and the associated risk exposure. Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] lets you easily discover all of your assets before a scan, but if that information is already in a great asset management tool like McAfee ePO, why waste time and duplicate efforts? Now you don't have to, with the ability to automatically im

2 min Nexpose

Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers!

We wanted to give you a preview into Nexpose's new integration with both McAfee ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the next stage of our partnership with Intel as their chosen vendor for vulnerability management [PDF] [https://www.rapid7.com/docs/Product-Brief-Nexpose-MVM-with-feature-list-FINAL-120315.pdf]. This partnership is also a first for both Rapid7 and Intel, as Nexpose is the only vulnerability management [https://www.rapid7.com/solutions/vulnerabi

6 min Metasploit

Establishing an Insider Threat Program for Your Organization

Whether employees realize it or not, they can wreak havoc on internal and external security protocols. Employees' daily activities (both work and personal) on their work devices (computers, smartphones, and tablets) or on their company's network can inflict damage. Often called “insider threats, [/2016/05/05/insider-threat-or-intruder-effective-detection-doesnt-care]” employees' actions, both unintentional and intentional, are worth paying heed to whenever possible. Gartner's Avivah Litan reported

3 min Vulnerability Management

Warning: This blog post contains multiple hoorays! #sorrynotsorry

Hooray for crystalware! I hit a marketer's milestone on Thursday – my first official award ceremony, courtesy of the folks at Computing Security Awards [http://computingsecurityawards.co.uk/], which was held at The Cumberland Hotel in London. Staying out late on a school night when there's a 16 month old teething toddler in the house definitely took its toll the following morning, but the tiredness was definitely softened by the sweet knowledge that we'd left the award ceremony brandishing som

4 min Nexpose

Creating your First Vulnerability Scan: Nexpose Starter Tips

Welcome to Nexpose and the Rapid7 family! This blog is a step by step guide for new Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] customers to show you how to set up your first site, start a scan, and get your vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] program under way. First things first: A few definitions in Nexpose: Site: A (usually) physical group of assets; i.e. what you want to scan Scan Template: The things that your

2 min Nexpose

Patch Tuesday, October 2016

October [https://technet.microsoft.com/library/security/ms16-oct] continues a long running trend with Microsoft's products where the majority of bulletins (6) address remote code execution (RCE) followed by elevation of privilege (3) and information disclosure (1). All of this month's critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Exchange, Microsoft Office, Office Services and Web Apps, Sharepoint as

2 min Nexpose

New and Improved Policy Manager

This year we've made many enhancements to the configuration policy assessment capabilities in Nexpose, including adding 4 new reports [/2016/07/05/getting-more-out-of-nexpose-policy-reports] and NIST 800-53 controls mapping [/2016/08/11/nist-800-53-control-mappings-in-sql-query-export]. Last week we unveiled a new and improved user interface for the Policy Manager, providing you with more information on your compliance position at your fingertips. With the new interface, you can quickly see how

3 min User Experience

Simplifying BIG Data Within Information Security Applications

Rapid7 wants to help organizations leverage all their data to gain powerful insights into their data security, and to find and fix exposures that lead to compromise. The User Experience (UX) team at Rapid7 designed a set of tools that help users handle the volume and complexity of their data to make it simple to analyze and remediate on time. But this wasn't a simple task; it took us about a year and a long process of discovery, analysis, strategy, research, design, and production to deliver Nexpose No

2 min Nexpose

Live Monitoring with Endpoint Agents

At the beginning of summer, we announced some major enhancements [https://www.rapid7.com/products/nexpose/now.jsp] to Nexpose including Live Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight Platform [https://www.rapid7.com/trust/]. These capabilities help organizations using our vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution to spot changes as they happen and prioritize risks for remediation. We've also been

2 min Nexpose

Vulnerability Remediation with Nexpose

At the beginning of summer, we announced some major enhancements [https://www.rapid7.com/products/nexpose/now.jsp?CS=blog] to Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] including Live Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight Platform [https://www.rapid7.com/trust/?CS=blog]. These capabilities help organizations using our vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution to spot changes as

2 min Nexpose

UNITED 2016: Want to share your experience?

Key trends. Expert advice. The latest techniques and technology. UNITED 2016 [https://unitedsummit.org/?CS=blog] is created from the ground up to provide the insight you need to drive your security program forward, faster. This year, we're also hoping you can provide us with the insight we need to make our products and services even better. That's why we're running two UX focus groups on November 1, 2016. We'd love to see you there—after all, your feedback is what keeps our solutions ever-evolvi

4 min Nexpose

InsightIDR & Nexpose Integrate for Total User & Asset Security Visibility

Rapid7's Incident Detection and Response [https://www.rapid7.com/solutions/incident-detection/] and Vulnerability Management [https://www.rapid7.com/solutions/vulnerability-management.jsp] solutions, InsightIDR [https://www.rapid7.com/products/insightidr/] and Nexpose [https://www.rapid7.com/products/nexpose/], now integrate to provide visibility and security detection across assets and the users behind them. Combining the pair provides massive time savings and simplifies incident investigation

2 min Nexpose

Remediating the CISCO EXTRABACON Vulnerability (CVE-2016-6366) with Nexpose

Recently, our research team wrote an extensive blog [/2016/09/06/bringing-home-the-extrabacon?CS=blog] on the EXTRABACON exploit (finally a name that we can all get behind). Our research with Project Sonar showed that a large number of devices and organizations are still exposed to this vulnerability, even though a patch has been released; and today I thought we'd get pragmatic and show how you can measure your exposure using Nexpose vulnerability management. [https://www.rapid7.com/s

3 min Nexpose

Patch Tuesday, September 2016

September [https://technet.microsoft.com/en-us/library/security/ms16-sep.aspx] continues a long running trend with Microsoft's products where the majority of bulletins (10) address remote code execution (RCE) followed by elevation of privilege (2) and information disclosure (2). All of this month's critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Exchange, Microsoft Office, Office Services and Web Apps

4 min Nexpose

Vulnerability Management Technique: Managing Asset Exclusion to Avoid Blind Spots

Don't Create Blind Spots As a consultant for a security company like Rapid7, I get to see many of the processes and procedures being used in Vulnerability Management [https://www.rapid7.com/solutions/vulnerability-management.jsp] programs across many types of companies. I must admit, in the last few years there have been great strides in program maturity across the industry, but there is always room for improvement. Today I am here to help you with one of these improvements – avoiding asset risk

3 min Nexpose

Building A Vulnerability Management Program that Thinks Like an Attacker, But Prioritizes Like a Business

Vulnerabilities are not created equal, not when there are so many dependencies, not only around the vuln itself, but its applicability to your business. Sure, CVSS helps, a little, but ultimately what it has left us all with is a long list of 9s and 10s (or 'high' alerts) and zero visibility into what to actually fix first. Ideally your vulnerability management program is prioritizing vulnerabilities by business impact, not just CVSS. In 2009 Rapid7 acquired Metasploit [https://www.rapid7.com/

2 min Authentication

Credential Status in Reporting Data Model

The new version of Reporting Data Model (1.3.1) allows Nexpose [https://www.rapid7.com/products/nexpose/] users to create CSV reports providing information about credential status of their assets, i.e. whether credentials provided by the user (global or site specific) allowed successful login to the asset during a specific scan. Credential Status Per Service The new Reporting Data Model version contains fact_asset_scan_service enhanced with the new column containing the information about creden

2 min Nexpose

Patch Tuesday, August 2016

August continues [https://technet.microsoft.com/en-us/library/security/ms16-aug.aspx] an on-going trend with Microsoft's products where the majority of bulletins (5) address remote code execution (RCE) followed by elevation of privilege (2), security feature bypass (1) and information disclosure (1). All of this month's critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services and We

3 min Log Management

Nexpose Logging Analytics using LogEntries

This blog shows how to use the power of LogEntries [https://logentries.com/] Search and Analytics to monitor your Nexpose installation. LogEntries has joined [/2015/10/13/why-we-re-welcoming-logentries-to-the-rapid7-family-a-story-of-data-and-analytics] the Rapid7 family and offers several powerful capabilities to search, analyze, monitor and alert on your Nexpose installation. LogEntries is also super easy to set up and maintain. I spent about five minutes getting it running. The Nexpose engi

5 min Metasploit

Pentesting in the Real World: Gathering the Right Intel

This is the first in a series of blog topics by penetration testers, for penetration testers, highlighting some of the advanced pentesting techniques they'll be teaching in our new Network Assault and Application Assault certifications, opening for registration this week. For more information, check out the training page at www.rapid7.com/services/training-certification/penetration-testing-training.jsp [http://www.rapid7.com/services/training-certification/penetration-testing-training.jsp] So

2 min Nexpose

Better, Faster, Stronger: Nexpose Scan Times improved by over 10x!

In any vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp] program, defenders are always racing against time to identify new exposures and get the latest data. The recent Nexpose Now release made this easier than ever in Nexpose, but active scans will always remain important. Over the past quarter, we've made major strides in improving our scan engine performance so that customers can get the data and the fixes they need fast enough to keep up with the bad gu

2 min Nexpose

Patch Tuesday, July 2016

July [https://technet.microsoft.com/en-us/library/security/ms16-jul.aspx] continues an on-going trend with Microsoft's products where the majority of bulletins (6) address remote code execution (RCE) followed by information disclosure (2), security feature bypass (2) and elevation of privilege (1). All of this month's 'critical' bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services

2 min Nexpose

Getting More Out of Nexpose Policy Reports

Auditing your systems for compliance with secure configuration policies like CIS, DISA STIGs, and USGCB is an important part of any effective security program, not to mention a requirement for many industry and regulatory compliance regimes like PCI DSS and FISMA. With Nexpose, you can automate this assessment using our Policy Manager feature. Back in March we launched two brand new policy report templates, Policy Rule Breakdown Summary and Top Policy Remediations, to help organizations understand h

2 min Nexpose

Vulnerability Regression Monitoring With Nexpose

Recently I've been diving into some advanced [/2016/05/26/impact-driven-risk-analysis] and targeted [/2016/05/31/targeted-analysis-default-accounts] analysis features. Today I'd like to keep things simple while still addressing a significant use case - Vulnerability Regression. Often times the immediate response to high visibility vulnerabilities does not involve setting up future monitoring, leaving the door open for the same vulnerabilities to show back up time and again. [RELATED: Vulnerabi

2 min Nexpose

Update Tuesday, June 2016

June continues an on-going trend with Microsoft's products where the majority of bulletins (7) address remote code execution (RCE), with elevation of privilege a close second (6); the remaining three address information disclosure (2) and denial of service. All critical bulletins are remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services and Web Apps as well as Windows (client and server). However, this mon

6 min Vulnerability Management

Vulnerability Management Needs To Stop Slowing Security Improvement

Incremental improvement is great. Nothing, especially in the world of software, is perfect when first released to the market, so iterative improvement is an expectation every customer must have. But problems begin to arise for users when incremental improvement becomes the accepted norm for long periods of time. Many experts in the vulnerability management market believe that is what's happened in the industry: vendors continuously spit out minimal, albeit important, updates such as a new report

3 min Nexpose

Nexpose Now: Because Security Doesn't Wait

Attackers don't wait for your schedule; in fact, they try to take advantage of your 'windows of wait' when you're biding your time waiting for a scan. Just think of your typical Patch Tuesday: when you walk in on Wednesday your vulnerability management solution has all the checks, but then you wait for that next scan. You wait for data to be recollected, assessed, and then hopefully served up in a way that is intuitive and describes exactly what you need to do, and when. At that point the work

5 min Nexpose

Focusing on Default Accounts - Targeted Analysis With Nexpose

In my last blog post I went in depth on Impact Driven Analysis and Response [/2016/05/26/impact-driven-risk-analysis], an often-overlooked but very handy analysis option in Nexpose. Today I'd like to talk about another great option for analysis - filtering assets based on their discovered vulnerabilities by Vulnerability Category. We will use Filtered Asset search to take a focused look at a specific category: Default Account findings. Default accounts are high significance findings with low e

4 min Nexpose

Impact Driven Risk Analysis and Response With Nexpose

Today I'd like to highlight an often overlooked but very handy analysis option in Nexpose - filtering assets based on their discovered vulnerability CVSS Impact Metrics (Confidentiality, Integrity, Availability). We will use RealContext tags and Filtered Asset Search to answer the following questions: * Are there any Availability Impact findings on High Availability systems? (i.e. web servers, authentication servers) * Are there any Confidentiality Impact findings on systems with Highly

2 min Nexpose

Patch Tuesday, May 2016

May continues a long-running trend with Microsoft where the majority of bulletins (10) address remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (2), information disclosure (2) and security feature bypass. All critical bulletins are remote code execution issues affecting a variety of products and platforms including Adobe Flash Player, Edge, Internet Explorer, .NET Framework, Office, Office Services and Web Apps and Windows (client and server). Looking b

1 min Incident Detection

Redner's Markets Selects Nexpose & InsightUBA for Compliance and Incident Detection

With breaches making regular headlines, security teams are under more scrutiny than ever before. This is especially true in retail, where strong security practices are paramount to protecting customer and organizational data. PCI DSS compliance is a key component of any retail organization's security program. As a level 2 merchant, Redner's Markets [http://www.rednersmarkets.com/] must conduct regular vulnerability scans, collect logs, and review them daily. “Compliance was what began our rel

2 min Nexpose

Nexpose Content Release Cadence

Over the past year our Nexpose team has taken on the challenge of overhauling our product and internal processes to enable more frequent and seamless content releases. The objective is simple: get content to customers' consoles faster without disrupting their workflow and currently running or scheduled scans. This enables security teams to respond to industry trends much faster and, coupled with our new adaptive security feature, enables low impact delta scans of just the new or updated vulne

2 min Nexpose

Adaptive Security: Rapid7 Critical Vulnerability Category

Starting this week, we have added a new vulnerability category: Rapid7 Critical. When we examine a typical vulnerability, each vulnerability comes with various pieces of information such as CVE id, CVSS score, and others. These pieces of information can be very handy, especially when you set up Automated Actions in Nexpose. Here is an example: As you can see in the example on the right, this trigger will initiate a scan action if there is new coverage available that meets the criteria of CVSS

2 min Nexpose

Update Tuesday, April 2016

April continues a long-running trend with Microsoft where the majority of bulletins (9) address remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (2), security feature bypass and denial of service (DOS). All critical bulletins are remote code execution issues affecting a variety of products and platforms including Adobe Flash Player, Edge, Internet Explorer, .NET Framework, Office, Office Services and Web Apps, Skype for Business, Lync and Windows (client

3 min Nexpose

Optimizing Adaptive Security: New and Known Assets

Since I started working on Rapid7's Information Security team, I've had firsthand experience with what is arguably the hardest part of vulnerability management: Creating and updating a complete inventory of your assets and their vulnerabilities. While you'll never be able to achieve perfection in this regard, Adaptive Security in Nexpose [https://www.rapid7.com/products/nexpose/nx6.jsp] makes it significantly easier for InfoSec teams to improve their current vulnerability management program with

1 min Nexpose

New Policy Reports in Nexpose

With Nexpose, you can assess your network for secure configurations at the same time as vulnerabilities, giving you a unified view of your risk and compliance posture. The latest version of Nexpose focuses on making it easier to understand how well you're doing and the actions to take to improve overall compliance. Starting with Nexpose 6.2.0, users now have access to two brand new policy reports that help you take control of your compliance program and focus on what is important. The first r

2 min Nexpose

MVM Migration to Nexpose - Toolkit

As most, if not all, current Intel Security customers are aware, Intel has announced the End-of-Life of the McAfee Vulnerability Manager, a.k.a. MVM. Coupled with that announcement, Intel also announced it has partnered with Rapid7 and is recommending that current and future Intel Security customers leverage Rapid7's Nexpose to fill their vulnerability and threat exposure management needs. To aid in the transition from MVM to Nexpose, Rapid7 has developed a Migration Toolkit. The Toolkit conta

3 min Nexpose

How to use Nexpose to find all assets affected by DROWN

Introduction DROWN is a cross-protocol attack against OpenSSL. The attack uses export cipher suites and SSLv2 to decrypt TLS sessions. SSLv2 was developed by Netscape and released in February 1995. Due to it containing a number of security flaws, the protocol was completely redesigned and SSLv3 was released in 1996. Even though SSLv2 was declared obsolete over 20 years ago, there are still servers supporting the protocol. What's both fascinating and devastating about the DROWN attack is that se

1 min Nexpose

Nexpose OS Fingerprinting Feedback

Have you ever run a Nexpose scan and had the wrong operating system identified for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you scanned an embedded device we haven't seen before. The March 9th release of Nexpose (6.1.14) has a new feature that allows you to easily report such fingerprinting errors to Rapid7 and helps us to improve fingerprinting accuracy. No need to open a support ticket! A new feedback button (circled below), available on the Asset detail page next to

2 min Nexpose

Update Tuesday, March 2016

March continues this quarter's trend with the majority of bulletins (8) addressing remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (4) and security feature bypass. All of the critical bulletins are remote code execution issues affecting a variety of products and platforms including Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windows (Client and Server). This month Microsoft resolves 39 vulnerab

1 min Nexpose

Nexpose Receives AWS Certification

Rapid7's Nexpose just became the first Threat Exposure Management solution to complete AWS' new rigorous pre-authorized scanning certification process! Normally, a customer must request permission from AWS support to perform vulnerability scans. This request must be made for each vulnerability scan engine or penetration testing tool and renewed every 90 days. The new pre-authorized Nexpose scan engine streamlines the process. When a pre-authorized scan engine is launched from the AWS Marketplac

3 min AWS

Nexpose Scan Engine on the AWS Marketplace

Update September 2017: For even more enhanced capabilities, check out the AWS Web Asset Sync Discovery Connection [/2017/09/14/aws-power-up-tag-import-asset-cleanup-assume-role-ad-hoc-scan/]. Rapid7 is excited to announce that you can now find a Nexpose Scan Engine AMI on the Amazon Web Services Marketplace making it simple to deploy a pre-authorized Nexpose Scan Engine from the AWS Marketplace to scan your AWS assets! What is an AMI? An Amazon Machine Image (AMI) allows you to launch a virt

3 min Nexpose

Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value

In today's security ecosystem, there are several technologies/programs that are considered to be the old dogs.  They've been around the block a few times, have a few gray hairs, and just aren't as sexy anymore.  Most companies have had these technologies for years now, and they typically don't get the headlines that some of the newer, hotter technologies are getting.  Antivirus, Email Security, Firewalls, and Vulnerability Management are a few of these.  It's hard to compete with big-data-machin

1 min Nexpose

Update Tuesday, February 2016

February continues this quarter's trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011, MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution issues affecting a variety of products and platforms including Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windo

2 min Windows

Nexpose Remote Registry Activation for Windows

The Windows Registry is a database which stores all settings for a Windows system, e.g. hardware, software installed, Windows updates installed and preferences for users and their applications.  During normal day to day use a standard user will inadvertently push changes into this database when they update the system, add/remove applications and so on. Remote Registry is a Windows service which allows a non-local user to read or make changes to the registry on your Windows system when they are

1 min Nexpose

Update Tuesday, January 2016

The year's first release contains 9 bulletins: 7 remote code execution (RCE), an elevation of privilege and a spoofing vulnerability. The critical bulletins (MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer (7 and onwards), Excel Viewer, Office, SharePoint Server, Silverlight, Word Viewer, VBScripting engine and all supported releases of Microsoft Window

3 min Nexpose

Nexpose Two Factor Authentication

For organizations that want additional security upon login, Nexpose and the Rapid7 Nexpose-Client Ruby Gem will support Two Factor Authentication as of the January 6, 2016 release. Two Factor Authentication requires the use of a time-based one-time password application such as Google Authenticator. Two Factor Authentication can only be enabled by a Global Administrator on the Security Console. To enable Two Factor Authentication: 1. As a Global Administrator, go to the Administration tab. 2.

3 min Nexpose

Have JBoss, Jenkins, WebLogic, WebSphere based applications? Brace yourself, they've got an unwanted Christmas present for you!

Java based server applications are prevalent throughout most corporate networks.  Thousands, if not millions, of applications are deployed using JBoss, Jenkins, WebLogic and WebSphere - so when a vulnerability affecting the underlying technology pops up, the impact can be significant.  A vulnerability was recently discovered affecting any Java application which can receive data back from users, allowing malicious actors to insert unsafe data as it attempts to ingest the information.  The applica

2 min Nexpose

More TLS Improvements in Nexpose 6.1.2

After releasing TLS Coverage Improvements in Nexpose 6.0.2 [/2015/10/14/tls-coverage-improvements-in-nexpose-602] we figured that the Nexpose Security Console should be able to abide by our own suggestions. Last year we had already disabled SSLv3 support by default and allowed configuring what other protocols are enabled on the console as well. With this week's release we're limiting the TLS cipher suites available to the console's web server by default. Similar to the protocols, the cipher suit

1 min Nexpose

New Vulnerability Filtering in Adaptive Security

Nexpose has long provided the ability to filter vulnerabilities by a wide variety of categories and operators. Starting in Nexpose 6.1, filtering in new-vulnerability actions in Adaptive Security closely mirrors that of Nexpose. New vulnerability actions were covered in a recent blog (How Adaptive Security fits into your Vulnerability Management Program) [/2015/11/20/how-adaptive-security-fits-into-your-vulnerability-management-program]. Similarity to Nexpose Filtering The enhanced filters no

1 min Nexpose

Configuring the SNMP request timeout

The SNMP protocol is very common, has many implementations and is deployed in diverse networks. In some cases it responds very promptly, in others it is relatively slow to respond. We found that in some environments a 1 second request timeout was insufficient, so in Nexpose 6.1.1 we have changed the default to 3 seconds in order to improve the service and related vulnerability detection. This, however, can have a major impact on scan times on port 161 and may not be desirable on networks with l

2 min Nexpose

Update Tuesday, December 2015

December continues this quarter's trend, with 10 bulletins addressing remote code execution (RCE) vulnerabilities while the remaining two address elevation of privilege. The vulnerabilities affect Internet Explorer (7 and onwards), Edge, Office, Silverlight, VBScript scripting engine and Windows (Vista and onwards). It is advisable for users and administrators to patch the affected platforms. Microsoft released 12 security bulletins this month, two thirds of them rated as critical, resolving a tot

4 min Vulnerability Management

How Adaptive Security fits into your Vulnerability Management Program

Building an Application Vulnerability Management Program, found in the SANS Institute Reading Room (https://www.sans.org/reading-room/whitepapers/application/building-application-vulnerability-management-program-35297), identifies vulnerability program management as a cyclical process involving the following steps: * Policy * Discovery and Baseline * Prioritization * Shielding and Mitigation * Eliminating the Root Cause * Monitoring While the use of Nexpose applies to several of these

2 min Nexpose

Changes to OVAL in Nexpose 6.0.6

Rapid7 has made it a priority to support security industry standards, including the Open Vulnerability and Assessment Language (OVAL).  Those of you who use Nexpose to measure policy compliance, either by using the built-in CIS, DISA, and USGCB policies, or by writing your own custom policies, are using OVAL for these policies. A decision by the National Institute of Standards and Technology (NIST) has made it necessary for us to make changes in our OVAL implementation.  These changes affect po

2 min Nexpose

Update Tuesday, November 2015

November sees a mix of remote code execution and elevation of privilege vulnerabilities enabling an attacker to gain the same rights as the user when the victim opens specially crafted content, such as a webpage, journal file or document containing embedded fonts. These vulnerabilities affect Internet Explorer (7 and onwards), Edge, and Windows (Vista and onwards).  It is advisable for users and administrators to patch the affected platforms. Microsoft includes 12 security bulletins, a third of

1 min Nexpose

Increasing Risk Visibility

We at Rapid7 are committed to providing our customers with the best, most accurate vulnerability detection and remediation information. To better serve you, starting October 28th, 2015, Rapid7 will begin generating content for Nexpose in a way that will provide greater visibility into risk. This change will start with content generated for Adobe, Debian and Ubuntu and eventually all supported platforms will transition to this approach. For the end user the benefit is more accurate representation

3 min Nexpose

UserInsight Integrates with Nexpose for Total User and Asset Security Visibility

Rapid7's Vulnerability Management and User Behavior Analytics solutions [https://www.rapid7.com/products/userinsight/user-behavior-analytics-user-activity-monitoring.jsp], Nexpose and UserInsight, now integrate to provide visibility and security detection across assets and the users behind them. Combining the pair provides massive time savings and simplifies incident investigations by highlighting risk across your network ecosystem without writing queries or digging through logs. Related Resou

3 min Nexpose

Nexpose 6.0: Using Adaptive Security

Overview Adaptive Security is a new feature released in Nexpose 6.0 that dynamically collects and analyzes the important network changes with minimal configuration needed from the user. This new feature allows you to create workflows called automated actions that can respond to various behaviors occurring in your environment automatically. For further explanation, please feel free to read Adaptive Security Overview. [/2015/10/02/adaptive-security-overview] Triggers and Actions Currently Adapti

3 min Nexpose

Rapid7 joins Cisco ISE Ecosystem for Endpoint Vulnerability & Threat Defense

I was pretty excited when Cisco came to Rapid7 last year and offered for us to be one of their launch partners for their Identity Services Engine (ISE) Ecosystem. Flash forward one year, and the public unveiling of Rapid7 joining the ISE partner ecosystem was announced earlier this week at Cisco Live [http://www.ciscolive.com/us/?zid=globalbox] in San Diego, California. If you are not familiar with Cisco Live, it's a massive conference that attracts more than 26,000 attendees who fly into bea

4 min User Experience

Nexpose 6.0: New and Improved User Experience

Introduction My name is JF Boisvert - Nexpose Senior UX Architect. In this role, I see opportunities everyday to improve our user flows, visual design, and customer usage. I am excited to share with you valuable insights into the Nexpose 6 product development process, and how we are making a better, more usable product. Process With Nexpose 6, we are laying a new foundation which will percolate across all of our product line to eventually unify the look, experience, and interactions our custom

2 min Nexpose

Aiming at critical moving targets: Advanced Nexpose scanning

One of the exciting but challenging aspects of working in the security industry is how quickly things change. You have to protect critical data while physical and virtual devices are coming on and offline, and new threats are announced on a regular basis. Advanced features in Nexpose are designed to help you respond to these complicated situations. The ability to scan dynamic assets allows you to keep on top of your network even when addresses may be in flux. By scheduling scans, you can use

1 min Nexpose

The Easy Button for Updating your Nexpose Database

Relax while Nexpose does the work for you You may have received notifications that you need to update your Nexpose database soon in order to continue receiving product updates. You may have been putting it off because it sounds like a pain. Good news: it's simple! Have you seen the Staples commercials with the “easy button?” Nexpose basically has that for the update. You don't have to go in to your database and mess around with an upgrade wizard. Nexpose handles all that for you. All you ha

1 min Nexpose

Nexpose Coverage Toolkit Update

A couple of weeks back I told you all about the new capability to add custom protocol support in Nexpose [/2015/06/30/introducing-the-nexpose-coverage-toolkit]. At first we had opened the github repo [https://github.com/rapid7/coverage-toolkit] up as invitation only. I'm excited to tell you that since then we've expanded the testability, added more protocols, and as of last week we opened it to the public. One of the best things about improving protocol detection is increased scan speed. Gett

4 min Nexpose

Not stuck in the middle: How to dynamically find assets with vulnerable versions of OpenSSL

On July 9, 2015, the OpenSSL team announced a vulnerability in specific versions of OpenSSL 1.0.1 and 1.0.2. This vulnerability is listed as "high severity" because it can fail to correctly validate that a presented certificate is issued by a trusted Certificate Authority, leaving systems vulnerable to man-in-the-middle (MITM) attacks. To learn more, see Tod Beardsley's blog post at /2015/07/09/cve-2015-1793-openssl-certificate-authority-impersonation [/2015/07/09/cve-2015-1793-openssl-cert

3 min Nexpose

New and improved asset tracking in Nexpose

As of Nexpose 5.13, Nexpose makes it easier for you to gain an asset-centric view of your environment, which will help you with tracking and reporting. An asset is a single device on a network that the application discovers during a scan. As you may have noticed, Nexpose 5.13 included new functionality: you can now scan asset groups [https://community.rapid7.com/Rapid7_BlogPostDetail?id=a111400000AapXqAAJ]. An asset group is a logical collection of managed assets. Nexpose enables you to config

2 min Nexpose

Why and how to make sure your scan credentials are configured correctly

Recently in Computerworld, a security manager reported on a frightening realization about the user account he was using in his unnamed vulnerability scanner. > The product I use relies on a user account to connect to our Microsoft Windows servers and workstations to check them for vulnerable versions of software, and that user account had never been configured properly. As a result, the scanner has been blind to a lot of vulnerabilities. For more details, see http://www.computerworld.com/art

2 min Nexpose

Nexpose Gem 1.0 Released

As of April 8th, 2015, version 1.0 of the Nexpose gem (nexpose-client) is available. Big Numbers Mean Big Changes Nexpose 5.13 brings new API 2.1 features and following on that the 1.0 version of the Nexpose gem uses these new features. Because of this, the new version of the gem includes some changes that are not backwards compatible with older versions of the gem or Nexpose. A migration guide is available [https://github.com/rapid7/nexpose-client/wiki/Conversion-Guide%3A-0.9.x-to-1.0.0] to h

2 min Nexpose

Using Asset Group Scanning to Devise a Granular Scanning Strategy

In the 5.13 release of Nexpose, you will notice some new functionality when configuring a site. In addition to being able to scan addresses or ranges of addresses, as we have done in the past, you now have the ability to define asset groups that you wish to be scanned. Traditionally, it has been recommended for customers to scan an entire network or range of networks, as opposed to specifying targets individually. This is to ensure proper coverage and to prevent the need to continually reconcile

3 min Nexpose

Rapid7 wins SC Magazine 2015 Best Vulnerability Management Solution

We found out on Tuesday night that we won the SC Magazine Awards for Best Vulnerability Management Solution. I am extremely honored and glad that we won, and we owe it entirely to our amazing customers who have stayed with us over the years and helped us shape Nexpose into what it is today. We truly believe that customers are at our core and they are our partners—not in crime, but in anti-crime. I can't help but reflect on how much Rapid7 and Nexpose have grown since I started at Rapid7 around

1 min Metasploit

Nexpose and Metasploit Training and Certification Courses Filling Up Fast!

Looking to amp-up or fine-tune your security prowess? UNITED conference attendees get the chance to do just that by registering for additional small group training and certification courses (Nexpose Basic, Metasploit Basic, and Nexpose Advanced). Since we're keeping the sessions intimate, spots are filling up quickly! Save your spot now for two days of formalized, curriculum-based training with Rapid7 experts [http://www.unitedsummit.org/new-registration.jsp]. You'll get to: * Share best p

4 min Nexpose

GHOSTbuster: How to scan just for CVE-2015-0235 and keep your historical site data

A recently discovered severe vulnerability, nicknamed GHOST, can result in remote code execution exploits on vulnerable systems. Affected systems should be patched and rebooted immediately. Learn more about [/2015/01/27/ghost-in-the-machine-is-cve-2015-0235-another-heartbleed] CVE-2015-0235 and its risks [/2015/01/27/ghost-in-the-machine-is-cve-2015-0235-another-heartbleed]. The Nexpose 5.12.0 content update provides coverage for the GHOST vulnerability. Once the Nexpose 5.12.0 content update

1 min Nexpose

Give the people what they want! #MOARCHECKS

I've been working in the exposure management space for almost 9 years now and if there is one thing that has not changed in that time, it's the demand for more coverage.  People always want more because there always *is* more.  More software, more platforms, more protocols, more compliance and configuration standards, and always, always, always, more vulnerabilities.  By "people" I mean customers, prospects, community users, really anybody who cares about what an exposure management product, suc

3 min Metasploit

12 Days of HaXmas: Metasploit, Nexpose, Sonar, and Recog

This post is the tenth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. The Metasploit Framework uses operating system and service fingerprints for automatic target selection and asset identification. This blog post describes a major overhaul of the fingerprinting backend within Metasploit and how you can extend it by submitting new fingerprints. Historically, Metasploit wasn't great at fin

2 min Nexpose

Why that CVSS score? HTTP TRACE vulnerability-your questions answered

Recently we saw that there were some questions on Twitter about the HTTP TRACE vulnerability check in Nexpose, specifically around the CVSS score.  Thank you @digininja [http://twitter.com/digininja], @tautology0 [http://twitter.com/tautology0], and @raesene [http://twitter.com/raesene] for raising this issue - we love to hear from our users and appreciate honest feedback on our solutions. Questions like these cause us to challenge our own assumptions and reasoning, which is always a healthy pr

2 min Nexpose

How to use Nexpose as part of your internal PCI compliance program

If your systems process, store, or transmit credit card holder data, you may be using Nexpose to comply with the Payment Card Industry (PCI) Security Standards Council Data Security Standards (DSS [https://www.pcisecuritystandards.org/security_standards]). The newest PCI internal audit scan template released as part of Nexpose 5.11.4 is designed to help you conduct your internal assessments as required in the DSS. To learn more about PCI DSS 3.0, visit our resource page [http://www.rapid7.com/r

2 min Nexpose

Nexpose API: SiteSaveRequest and IP Addresses vs Host Names

With the release of Nexpose 5.11.1 [https://help.rapid7.com/nexpose/en-us/release-notes/] we made some changes under the hood that improved scan performance and scan integration performance. As a result of those changes, the rules applied to using SiteSaveRequest in API 1.1 became stricter, which may have caused issues for some users. In the past this "worked" for the most part, though there were certainly side effects observable in the Web interface after the fact. Since these issues were not a

1 min Metasploit

Federal Friday - 11.7.14 - Up in the Clouds...

Happy Friday, Federal friends! I hope everyone had a festive Halloween! According to the commercials I've been seeing starting on 11/1, I guess we're skipping Thanksgiving this year and jumping right into the Holiday Season [http://www.idigitaltimes.com/black-friday-sales-2014-store-hours-and-start-time-target-walmart-best-buy-kmart-393775] ... So the time has finally come, Fed is starting to embrace the cloud (slowly). Within the last week we've seen NIST push out a road map for Cloud Infra

3 min Metasploit

Federal Friday - 10.24.14 - NCSAM Week 4

Happy Friday, Federal friends! Can anyone else believe next week is Halloween? Feels like only yesterday I was talking about the start of the MLB season and now we're through 2 games of the World Series... So this week is the 4th week of National Cybersecurity Awareness Month [http://www.dhs.gov/national-cyber-security-awareness-month-2014-week-four]. To me this is one of the more important weeks as the campaign centers around Cybersecurity for Small/Medium sized businesses and Entrepreneurs. T

2 min Nexpose

Filter for POODLE and Other Specific Vulnerabilities

Filtering by Vulnerability and CVE ID Has your organization been impacted by the latest security vulnerabilities? Nexpose now makes it even easier for you to answer this question. Enhanced asset and vulnerability filtering features come with Nexpose 5.10.15.  It is now easier for you to search your assets by using a new CVE ID option as a filter criterion. You can also narrow down your list of vulnerabilities depending on which vulnerability category you wish to view or what CVE ID they have bee

2 min Nexpose

Improve your scan performance with Scan Engine pooling

You can improve the speed of your scans for large numbers of assets in a single site by pooling your Scan Engines. With pooling, the work it takes to scan one large site is split across multiple engines to maximize pool utilization. Additionally, engine pooling can assist in cases of fault tolerance. For example, if one Scan Engine in the pool fails during a scan, it will transfer the scanning tasks of that asset to another engine within the pool. Available with the release of Nexpose 5.11, thi

2 min Metasploit

Federal Friday - 10.17.14 - Cybersecurity Awareness Month

Happy Friday, Federal friends. I hope the 2nd full week of FY15 is going well for you. Feels like we have the last 2 warm days of the year coming up this weekend thanks in part to this little graphic from NOAA. October, one of the nicer months out of the year, is also known as Cybersecurity Awareness month. We talked about it earlier this month in another blog post [/2014/10/06/cyber-security-awareness-month-taking-it-to-the-c-level-and-beyond] , but I wanted to highlight it here as well. While

2 min Nexpose

Site Consolidation with the Nexpose Gem

The introduction of the scan export/import feature opens up the ability to merge sites, at least through the Ruby gem. Imagine a scenario where you had split up your assets into several sites, but now you realize it would be easier to manage them if you just merge them into one. Maybe you have duplicate assets across sites and that wasn't your intent. The script below allows you to merge multiple sites into one. It replays the scans from each site into the new one (in just a fraction of the amou

1 min Metasploit

Federal Friday - 10.3.14 - Happy (Fiscal) New Year

Happy Friday, Federal Friends! Something seems a little different this year than last year, can't quite put my finger on it though... [/2013/10/04/federal-friday--10413--shutdown-edition] So, being that we all just made it through another roller coaster of a FY I wanted to keep today fairly light. Just as we've seen the frequency of attacks increase we have also seen a dramatic rise in cyber related plot lines and references in mainstream media. The latest being a CBS show called Scorpion, ahem

2 min API

Scan Export/Import Using the nexpose-client Gem

The latest release (5.10.13) introduces a new feature into Nexpose, scan exporting and importing. We're looking to address a need in air-gap environments, where customers can have multiple consoles to address network partitioning. This approach is not without its warts. For example, if you have deleted assets from a site, this process will bring them back to life. This post is going to walk through a pair of Ruby scripts using the nexpose-client gem. The first script will export the site config

1 min Metasploit

Federal Friday - 9.26.14 - Shell Shocked and Bashed

Happy Friday, Federal Friends! Having a relatively quiet week? Just looking forward to a quiet end to FY14? Riiiiiiiiight, same here.... Most of you probably had an interesting 2nd half of the week just as we are. Like a judge at the Olympics, DHS [http://www.huffingtonpost.com/2014/09/24/new-bash-software-bug-m_n_5878398.html?ir=Technology] has scored this little ditty a 10 out of 10 both in impact and how easy it is to use this vuln to run an exploit. While this doesn't have the "world-is-end

2 min Metasploit

Federal Friday - 9.19.14 - Talk Like A Pirate Day Edition

Arrrrrg! Happy Friday, Federal Mateys!  Th' air be crisp 'n th' leaves be turnin' in New England, which means ‘tis almost the hour to strap on me skis! Another week has gone by 'n another breach be bein' reported by FireEye [http://www.fireeye.com/blog/technical/2014/09/putting-transcom-in-perspective.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SecurityBloggersNetwork+%28Security+Bloggers+Network%29] . Arrrgh mateys, 'tis one involves a foreign government penetratin' th' net

2 min Metasploit

Federal Friday - 9.5.14 - Keeping 3rd Parties Honest

Happy Friday, Federal friends! I hope all of you enjoyed the nice long Labor Day weekend, and the short week to follow. I happily took last week off as well, maximizing the "long" weekend effect. Additionally, a group of 25 Rapid7 Moose took on the "Great Northeast" Tough Mudder event back on 8/23. I'm happy to say all of the "Dirty Moose" made it through the mud and obstacles, for the 2nd year in a row, and we helped generate funds for the Wounded Warrior Project [http://www.wound

2 min Nexpose

Software defined security made real

This week we're headed for VMworld 2014 in San Francisco and we're excited to be talking about how Rapid7 is partnering with industry leaders like Symantec, Palo Alto Networks, and of course VMware to build out the VMware NSX security ecosystem [http://www.vmware.com/products/nsx/resources.html]. Together we've created an integrated system that leverages the NSX platform [http://www.vmware.com/products/nsx] to automate risk identification and mitigation for VMware customers

1 min Metasploit

Federal Friday - 8.22.14 - A Sensitive Cloud and Some Additional Strategy

Happy Friday, Federal Friends! Do you hear that? That sound you're hearing is the collective high-five every adult with children just gave each other in celebration of "Back to School [http://giphy.com/gifs/WKdPOVCG5LPaM]." For those of you who's summah is coming to a close, I hope it has been a great couple of months. For those of you that don't have to worry about that, I'll see ya at the empty beach in September. I read a great article this week about another take on cyber strategy. Piggy--b

2 min Metasploit

Federal Friday - 8.8.14 - Military Strategy in Cybersecurity

Happy Friday, Federal friends! I hope that you folks out in the desert are having a blast at BlackHat, B-Sides and DEFCON. It sounds like it's been a great week out there, mostly because it's been so quiet back here in HQ. Speaking of BlackHat, there was a session this week being hosted by Tom Cross, director of security research at Lancope. He, and two other industry experts, were going to be discussing utilizing a variety of militaristic approaches to cybersecurity. In particular, having orga

5 min Nexpose

New Nexpose charts!

At Rapid7, we are always looking to make improvements to provide more value to our customers. We've listened and in Nexpose 5.10, we've redesigned all the charts in the Nexpose user interface to give you information you care about at a quick glance.  And better yet, we've made the charts interactive…yes…you can now interact with the charts to filter and drill-down into specific information to perform deeper analysis. Now let's take a look at each of the new charts and see how they'll help you.

2 min Metasploit

Federal Friday - 8.1.14 - Threat Sharing and Cybersecurity Myths

Happy Friday, Federal friends! After a brief hiatus, due to an epic travel day last Friday, I'm baaaaaack. Welcome to the dog-days of summer everyone. School is around the corner, and better yet we're only 62 days away from the unofficial start to ski season. Don't believe me? Check out the guys at Ski The East [https://twitter.com/SKITHEEAST], they're keeping watch for us. There was some potential, positive, traction regarding threat sharing in the Senate this week. Sen. Gillibrand introduced

3 min Nexpose

Microsoft False Positives: "The update is not applicable to your computer"

One of the most common false positive cases we see from a support perspective is a situation where Nexpose reports a vulnerability because a specific patch is not installed, but when you try to apply the patch, the system will not let you install it and says the patch is not applicable. In many cases, this ends up being caused by another patch that is installed on the system that prevents the patch you are trying to install from being installed.  Sometimes the patch that is installed and preven

3 min Metasploit

Federal Friday - 7.18.14 - Mobile Movement

Happy Friday, Federal friends! The Midsummer classic is behind us which means we're heading into the dog-days of summer. I hope you all have some nice quality time planned with your families so you can get out and enjoy the weather, especially with the Winter and "Spring" we just went through. There was a big announcement [http://fcw.com/articles/2014/07/16/apple-ibm-deal.aspx] earlier this week regarding two titans of the tech industry that will have direct impact on several verticals, includi

1 min Metasploit

Federal Friday - 7.11.14 - Buying Agile

Happy Friday, Federal friends! Due to the heavy amount of CDM paperwork I've had to do this week I'm going to keep today's blog very short. As we forge ahead into the spending spree [http://fcw.com/articles/2014/07/11/snapshot-fy-2014-q4-spending.aspx] that is Q4 of FY14, it's important to know how to navigate the buying process on the federal side of the house. FCW has a great article [http://fcw.com/articles/2014/06/26/buying-agile-without-jumping-through-hoops.aspx] this week offering a hos

1 min Nexpose

Nexpose search update: Find partial matches by default

As of Nexpose 5.9.20, when you run initial searches with partial strings in the Search box that appears in the upper-right corner of most pages in the Web interface, results include all terms that even partially match those strings. This change was made in response to feedback from Nexpose users. Previously we made several improvements to the Nexpose search, including indexing more information for searches, and improving aspects of search performance such as disk space use. As part of this upd

0 min Metasploit

Federal Friday - 7.4.14 - A Special Thursday Edition

Breaking News: HAPPY FOURTH OF JULY! I hope all of you out there enjoy the long weekend with your friends, family, fireworks and some delicious BBQ. See you again next week!

1 min Nexpose

New charts are coming!

The ability to quickly view all of your data in the proper context is essential to managing the status of your network. The current Nexpose Home page charts provide a lot of great data, but we are always looking to provide more value. In the coming weeks, Nexpose will be replacing our current charts with enhanced interactive charts and graphs. These charts provide dynamic visual snapshots of your data, giving you the ability to quickly assess your environment in real time and even export the ch

3 min Metasploit

Federal Friday - 6.27.14 - A Clash of Cultures

Happy Friday, Federal Friends! Welcome to the weekend, and for those of you who are out next week, happy Fourth of July. There was a great, short, read from the Washington Post [http://www.washingtonpost.com/business/on-it/cias-cio-working-with-private-sector-can-be-a-clash-of-cultures/2014/06/24/42213114-fbad-11e3-b1f4-8e77c632c07b_story.html] this week about a talk given by CIA CIO Doug Wolfe at a recent symposium. He was talking about the Agency's coming deployment into AWS but went i

2 min Metasploit

Federal Friday - 6.20.14 - Winter is Coming

Happy Friday, Federal friends. The World Cup (soccer tournament) is underway, and while futbol is fun to watch for a few weeks, we are really waiting for the start of football training camp. Sorry about the title, especially for those in the Northeast. It's more of a play on Game of Thrones' ominous tag line, and about how one should be prepared. In this case I'm using it in reference to the pending changes coming to NIST 800-53 [http://www.informationweek.com/government/cybersecurity/nist-secur

1 min Nexpose

Nexpose Gem Version 0.8.0 Released

With the release of Nexpose 5.9.16, we are also releasing a new version of the gem: 0.8.0. We bumped the version from 0.7 to mark several changes. First, there are two methods that would not work against the new release without some code changes to the gem. These cover searching for vulnerabilities and running ad hoc HTML reports. But most significant is the addition of the nokogiri (鋸) gem [https://rubygems.org/gems/nokogiri] as a dependency. We decided to pull

2 min Metasploit

Federal Friday - 6.13.14 - New Group, Same Story

Happy Friday, Federal friends! It's another lovely Fall day here in Beantown but I hope each of you is enjoying your early Summer weather. Some exciting news as Rapid7 was named one of the Top Places to Work by the Boston Business Journal (#11 Mid-size company)! I'm going to keep it short and sweet today considering this is a topic I've covered before. Given the news stemming from a new CrowdStrike [http://www.crowdstrike.com/sites/all/themes/crowdstrike2/css/imgs/platform/CrowdStrike_Global_T

2 min Metasploit

Federal Friday - 6.6.14 - 70 Years Later

Happy Friday, Federal friends! As we all know, today marks the 70th anniversary of the day our forebears forever changed the course of history, my grandfather among them. By securing a foothold on the beaches of Normandy, the Allied Expeditionary Force was able to penetrate the steel teeth that were Fortress Europe. While times have changed, Gen. Eisenhower's words still ring loudly today. Not just in terms of the sacrifices made that day, but also in the trenches that we find ourselves in today. Take

1 min Metasploit

Federal Friday - 5.30.14 - Social Engineering from the Middle East

Happy Friday, Federal friends. You can tell it's almost Summah up here because it's been 50 and raining this week. So an interesting piece of news from an article on DarkReading [http://www.darkreading.com/attacks-breaches/iranian-cyberspies-pose-as-journalists-online-to-ensnare-their-targets/d/d-id/1269270] this week regarding an ongoing campaign targeting government officials and contractors of both the US and Israel. This is a mash-up of social engineering techniques from phishing to social

2 min Metasploit

Federal Friday - 5.16.14 - Cloudy with a Chance of Insider Threats

To quote the multi-dimensional, world-renowned lyricist Rebecca Black: "Yesterday was Thursday, Thursday. Today i-is Friday, Friday." With that being said -- welcome to the weekend, Federal friends. I wanted to start this week off with an article from GCN [http://gcn.com/articles/2014/05/09/insight-hybrid-cloud-security.aspx?admgarea=TC_SecCybersSec] around government and the cloud. While the cloud trend has steadily increased over the past few years, the demand to bring it on board within the

3 min Metasploit

Federal Friday - 5.9.13 - Renewed Push for Threat Sharing

Happy Friday Federal friends! We're creeping closer and closer to summer, which means Boston will have about 2 weeks of Spring to look forward to. For those of you that were able to join our webcast yesterday I want to thank you for attending and please let me know if you have any questions, I'm here to help. Piggy-backing on the recent M-Trends report, and the latest DBIR [http://www.verizonenterprise.com/DBIR/], an article on DarkReading [http://www.darkreading.com/vulnerabilities---threats/

4 min Metasploit

Federal Friday - 5.2.14 - Alphaville: Cybersecurity's Westeros

Happy Friday, federal friends! I blinked on Monday and the next thing I know I'm typing up this blog. Where has the week gone? For those of you that have been impacted by the wild and dangerous weather around the country this week, I wish you all the best and a speedy recovery. So did my title about Westeros get you? I love Game of Thrones as much as the next fan, although I do have to admit I'm holding off on the books until HBO wraps their version, but the reality is that it takes place in th

1 min Nexpose

IE 0-day, we got you covered

News broke [http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html] this weekend of yet another IE 0-day under ("limited, targeted") exploitation in the wild.  Microsoft responded [https://technet.microsoft.com/en-US/library/security/2963983] with an advisory, but no patches yet.  Given that the risk from the known exploit is mitigated by the usual defence in depth tactics [https://technet.mic

2 min Metasploit

Federal Friday - 4.25.14 - A Whole Lot of Oops

Happy Friday, Federal friends! I hope all of you enjoyed some nice family time over the respective holidays last week. After a successful Marathon Monday here in Boston we're blessed with chirping birds and blooming flowers (finally)! As you all probably know by now, Verizon released their latest DBIR [http://www.verizonenterprise.com/DBIR/2014/reports/rp_dbir-2014-executive-summary_en_xg.pdf] report earlier this week. While this report covered a wide range of topics in regards to breaches, I

4 min Metasploit

Federal Friday - 4.18.14 - Mandiant Trends and the Federal Cyber Brain Drain

Happy Friday, Federal friends. Hopefully all of you are through the post-Heartbleed hangover [http://i.huffpost.com/gen/284555/thumbs/r-HANGOVER-3-large570.jpg] with very few scars to show for it. I don't know about y'all folks further south than Beantown, but I FINALLY get to do my finest Payne Stewart [http://i.cdn.turner.com/dr/golf/www/release/sites/default/files/article_images/payne_stewart_299x247_1.jpg] impersonation as I hit the local links for the first time this season tomorrow mornin

3 min Metasploit

Federal Friday - 4.11.14 - Another Quiet Week...

Can you believe how quiet it was this week? Nothing going on, everyday slowly dragging on, the tick, tick tick of the clock getting louder and louder by the second. Reminds me of the late-night drip from your faucet but more annoying because you're stuck at work. Oh wait, totally forgot this was a cybersecurity blog and mistook it for my crochet blog. You, much like us here at R7, were probably pretty busy this week. In that case let me officially say, happy freaking Friday, Federal friends! I'

3 min Nexpose

Using Nexpose to Stop the Bleeding (Scanning for the OpenSSL Heartbleed Vulnerability)

By now you have almost certainly heard about the recently disclosed OpenSSL Heartbleed vulnerability [/2014/04/08/gaping-ssl-my-heartbleeds] (CVE-2014-0160). The April 9th update for Nexpose includes both authenticated and unauthenticated vulnerability checks for Heartbleed. Scanning your assets with the regular full audit template, or indeed any template that isn't tuned to exclude many ports or vulnerabilities, will automatically pick up this vulnerability. But it is also possible to create

1 min Metasploit

How to Save 140 Hours a Month on Vulnerability Management

Welcome back, Whiteboard Wednesday Fans! Were you able to check out our Whiteboard Wednesday last week [http://www.rapid7.com/resources/videos/how-to-save-time-on-vulnerability-management.jsp] ? Our very own Bill Bradley discusses how you can significantly cut down on the time spent on vulnerability management every month. Specifically, he discusses the various technologies that exist today that will help you, as a user, cut down on the amount of time needed to properly scan and remediate the v

2 min Metasploit

Federal Friday - 4.4.14 - DOD Embraces NIST and Increases Cyberwarfare Force

Friday, oh sweet Friday, it's good to see you again. Hello Federal friends, welcome to another edition of Federal Friday. Over the last two weeks there has been a significant change in the way DOD approaches cybersecurity. On March 12th, the DOD made a major move by taking a risk based and holistic approach to cybersecurity by aligning with NIST's Risk Management Framework [http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf] and phasing out DOD Information Assurance

3 min Metasploit

Federal Friday - 3.28.14 - History Repeats in Current Phishing Campaigns

Happy Friday, federal friends! Spring has Sprung! While some of us had a touch of winter this week, we avoided the big hit and it looks like nothing but sunshine on the horizon which means summah is around the corner! Speaking of summer, who's going to Vegas for BlackHat, B-Sides and Defcon? Drop me a line here if you are! Attackers, being the solid humans they are, have decided to pile on the recent tragedy around Malaysian Flight MH 370 [http://threatpost.com/mh-370-related-phishing-attacks-sp

2 min Metasploit

Federal Friday - 3.21.14 - A Day of Reckoning

Friday at last... Hello federal friends! I'm pleased to announce that the sun is setting here in Boston at 6:58pm tonight and there is Major League Baseball being played this weekend. Spring officially happened yesterday which should make those of you in DC put Monday's snow-day out of sight and out of mind. Did my ominous title catch your attention? Don't worry, this is not the end of times, or even the end of days [http://www.imdb.com/title/tt0146675/] for that matter (thank goodness) and mo

2 min Metasploit

Federal Friday - 3.14.14 - New Beginnings and New Fed-focused Benchmarks

Happy Friday Federal friends! We're nestled comfortably in our new space in downtown Boston [https://www.google.com/maps/place/100 Summer St/@42.3537293,-71.057427,19z/data=!4m2!3m1!1s0x89e3708243c5aac5:0xa32a2abc907ec6c5] and it already feels like home. This is good news for everyone because we moved out of the Pru at 4pm on Friday and we were rockin' n' rolling in the new digs at 8am on Monday. Enough about us though, let's get back to it... On the mobile front, NASA had a rough go of it du

1 min Metasploit

Federal Friday - 3.7.14 - Rapid7 Moose are on the Move

Federal friends! Unfortunately we're in the process of undergoing a much needed move and today is the last day in the current office. The good news? We're moving to greener, and more importantly, much larger pastures as our herd has grown quite a bit in the last 12 months and our current space just can't fit us anymore. As of Monday we will be located a little further downtown at 100 Summer St. So, next time you're in Boston give us a jingle and we'll be happy to invite you into our new home. In

2 min Metasploit

Federal Friday - 2.28.14 - Flash Zero Day Targets Foreign Policy Sites

Federal Friday has come again, which means another week has passed us by. It's been a busy week for the Moose of Rapid7 with an imminent move for our Boston HQ on the horizon. We also had a great week at RSA with SC Magazine naming Nexpose the Best Vulnerability Management Solution! The threat landscape has had a wild few days with a major security flaw for Apple desktops and iOS devices as well as another IE zero day being discovered. In addition, a detailed report from FireEye [http://www.

2 min Nexpose

Real-time Protection from Nexpose & VMware NSX

One of Nexpose's core promises is that we will give you actionable visibility into your physical, cloud, and virtual environments to help you identify what assets are on your network, and what are the most critical security risks to remediate. As a part of supporting that visibility, Rapid7 and VMware announced last August that Rapid7 is the first VMware NSX network and security platform ecosystem partner [http://www.vmware.com/products/nsx/resources.html] for vulnerability management.  This

2 min Metasploit

Federal Friday - 2.21.14 - NATO praises NIST's Framework

Happy Friday, federal friends! I hope you all enjoyed your long weekend and short work-week. We're cruising through February here at the global HQ in Beantown, with a big office move scheduled for early March. I hope most of you have begun to thaw out and for those of you out there having a similar winter to New England, think warm thoughts (it helps). There was a nice article on Inside Security [http://insidecybersecurity.com/Cyber-General/Cyber-Public-Content/nato-cybersecurity-center-praises

3 min Metasploit

Federal Friday - 2.7.14 - Third-Party Problems - Olympics Edition

Happy Friday, federal friends! Welcome to February, the funniest month of them all! In all seriousness though, I am looking forward to meeting a lot of you at our DC Roadshow next week! As you can guess from the title this week I am going to talk about some issues [http://news.cnet.com/8301-1009_3-57618407-83/sochi-visitors-entering-hacking-minefield-by-firing-up-electronics/] around the Olympics. Issues not involving water [http://norberthaupt.files.wordpress.com/2014/02/sochi-water.jpg] or t

1 min Nexpose

Hacking as One Moose

Twelve hours into Rapid7's Annual Global Domination Hackathon and we are still going strong. Pulling together all the members of our global team for a multi-day kickoff in Boston gave us a fantastic opportunity to collect the wealth of talent and share in an epic hackathon event. Our cross-functional teams are getting their creative juices flowing, chugging Red Bulls and 5-hour energies, building robotic versions of our CTOs, destroying watermelons, driving million dollar virtual cars... and of

2 min Metasploit

Federal Friday - 1.24.14 - Threats From Afar

Friday, oh sweet Friday it's great to see you again my friend. I hope all of you are doing well with Polar Vortex 2014.2! Don't get me wrong I love Star Wars, and winter (for the most part), but I do not enjoy living on the set of Hoth this long. This week an interesting article from SC Magazine [http://www.scmagazineuk.com/cyber-security-failure-could-result-in-next-major-terrorism-attack/printarticle/330532/] highlighted the results of a discussion of industry leaders at a conference in Lill

2 min Metasploit

Federal Friday - 1.10.14 - Welcome to 2014

Happy New Year federal friends! I hope each and every one of you have had a great holiday season with your families and friends. I know I had a nice quiet week off, until Hercules dropped some snow and most of us were slapped in the face with a nice Polar Vortex session. Now it's time to hop back on the horse and charge head first into 2014. In the wake of the massive Target breach that ended 2013, DHS has started 2014 off with a nice shot across the bow for anyone using POS systems and any org

1 min Nexpose

Wake up little SUSE

The Nexpose Content team has added SUSE coverage for update 5.8.2 that went out on Dec 18, 2013. What's new? 1. Fingerprinting: Nexpose now fingerprints SUSE and OpenSUSE accurately. 2. New Content: Nexpose now has checks for all known SUSE security advisories. What versions of SUSE are supported by Nexpose? Nexpose now covers the following versions of SUSE and OpenSUSE: * SUSE Enterprise Desktop 10 and 11 * SUSE Enterprise Server 9, 10 and 11 * All OpenSUSE versions from 10.2 through 13.1 W

1 min Nexpose

Assets Tab Redesign - Faster Access to Asset Data

Chances are you manage quite a few systems with Nexpose, and quick access to simple stats can be the difference between a tangle of exploits and a well-tuned infrastructure. The latest version of Nexpose brings your asset information to the forefront so you can dig less and do more. In the new Assets tab you can still do and see everything you could in previous versions, but now Operating System, Software, and Service statistics are front and center. Drill down into per-architecture OS infor

1 min Nexpose

NEX-37823 XSS in Nexpose vuln-summary.jsp (Fixed)

Nexpose users are urged to update to the latest version of Nexpose to receive the patch for the described security vulnerability. Note that by default, Nexpose installations update themselves automatically. A cross-site scripting (XSS) vulnerability has been discovered by Yunus ÇADIRCI [https://twitter.com/yunuscadirci] and subsequently patched in recent versions of Rapid7's Nexpose vulnerability scanner. By providing URL-encoded HTML tags (including script tags), an unauthenticated attacker

1 min Nexpose

New, Faster Administration Page in Nexpose 5.8

In Nexpose 5.8 you'll notice a useful change in design. The Administration page has been redesigned as part of Rapid7's effort to make Nexpose more intuitive and easier to use. Upon accessing the new Administration page you will notice logical groups of the administrative components of Nexpose, with the most commonly used functions front and center. Use keyboard shortcuts to access every function: just type the underlined letter of the group (U for Users) then the underlined letter for the f

2 min Nexpose

Rapid7 in the SC Awards

It's that time of year again: After months of nail-biting across the security industry, SC Magazine has announced the finalists for its 2013 Reader Trust Awards [http://www.scmagazine.com/2014-sc-awards-us-finalists/article/319868/]. Not only is Rapid7 Nexpose once again in the running for Best Vulnerability Management Solution, but our two newest offerings [http://www.rapid7.com/company/news/press-releases/2013/rapid7-unveils-two-innovative-solutions.jsp] are also first-time contenders: Rapi

3 min Nexpose

Nexpose and ControlsInsight: Better Together

If you're currently using our vulnerability management software Nexpose, then you're probably already scanning your environment to identify, prioritize and remediate vulnerabilities and misconfigurations. But do you have visibility into the controls in place that mitigate these risks from being exploited? We recently launched a new product, ControlsInsight, that allows you to leverage your Nexpose deployment to automatically assess the effectiveness of your controls and get a complete picture of

5 min Metasploit

Kvasir: Penetration Data Management for Metasploit and Nexpose

Data management is half the battle for penetration testing, especially when you're auditing large networks. As a penetration tester with Cisco's Advanced Services, I've created a new open source tool called Kvasir that integrates with Metasploit Pro, Nexpose, and a bunch of other tools I use regularly to aggregate and manage the data I need. In this blog post, I'd like to give you a quick intro to what Kvasir does - and to invite you to use it with Metasploit Pro. Cisco's Advanced Services has bee

1 min Nexpose

Getting Nexpose Help to load in your Community edition

There is a known issue with the Community edition of Nexpose, version 5.7.10: The Help and Support pages fail to load. We will correct the issue in a future Nexpose release. In the meantime, you can get Help to load with this simple workaround: 1. Go to the \help directory in your Nexpose installation directory. Example: rapid7\nexpose\nsc\htroot\help 2. Rename the enterprise subdirectory of Help as community. Example: rapid7\nexpose\nsc\htroot\help\community\html 3. Refresh the Nexp

2 min Nexpose

[ANN] nexpose gem 0.5 Released

The nexpose gem [http://rubygems.org/gems/nexpose], a Ruby library for accessing the Nexpose API (and more), has been updated to version 0.5. This version includes a number of small breaking changes from the previous version of the gem (0.2.8), hence the jump in version. Nearly all of the 1.1 and 1.2 versions of the Nexpose API are implemented by the gem. (The missing calls center around multi-tenancy and vAsset discovery, licensed features.) New Features This version of the gem allows for som

4 min Metasploit

Rapid7 Free Tools - Download Today!

Hello all, It's your friendly neighborhood Community Manager again, this time reaching out to talk about something that should be of interest to all of you: Rapid7's suite of Free Security Tools [http://www.rapid7.com/resources/free-tools.jsp]. If you're a one-man shop, trying to make sure you're as buttoned up as possible, or a giant organization just looking to do some validation and double checking, I'm sure one or more of these tools would be an excellent addition to your existing security

1 min Nexpose

VMworldTV Meets the Team Behind Rapid7

Earlier this week, I blogged that Rapid7 is part of VMware NSX ecosystem [/2013/08/27/rapid7-part-of-vmware-nsx-partner-ecosystem] and gave you an overview of the solution we are working on together with VMware. Check out the below interview with VMworldTV to learn more. Lee Weiner, SVP, Products & Engineering at Rapid7, talks about the integration between Nexpose-VMware NSX and the key benefits to organizations. Tas Giakouminakis, Co-Founder & CTO at Rapid7, goes through a demonstration o

2 min Nexpose

Rapid7 part of VMware NSX Partner ecosystem

We're very excited that VMware is showcasing Rapid7 as an official VMware NSX Partner [https://blogs.vmware.com/networkvirtualization/2013/08/vmware-nsx-partner-ecosystem.html] at VMworld 2013 this week, demonstrating how we provide best-in-class vulnerability management for virtual networks. Rapid7 has been a longtime partner with VMware.  In 2011, we introduced our vAsset discovery [/2011/11/01/virtualization-introduces-new-security-gaps] method that allows Nexpose to have real-time visib

2 min Nexpose

Bulk Asset Delete Operations via the Asset Filter Page

The latest release of Nexpose allows a user to delete multiple assets at once via either the site page or the asset group listing page. However, if a user needs to delete a range of assets which aren't represented by an existing site or group, they can use the Asset Filter page to build a query and then define an asset group through which the bulk delete operation can be invoked. Clicking on the Asset Filter button will bring up a new page that allows you to build an Asset Filter query that can

7 min Nexpose

Asset Discovery Troubleshooting Guide

This guide is designed to show you how to determine the cause of and solution to the most common difficulties experienced during asset discovery in Nexpose. The following common issues will be covered here: 1. None or only a few assets are found to be alive 2. Scan appears to hang or is taking too long after finding live assets 3. Incorrect number of open ports on one or more assets After reviewing the issue that applies to your scan, head down to the end of this guide for detailed troubles

7 min Nexpose

Simplifying Security Programs with Nexpose 5.7

We are pleased to announce the next version of Nexpose, version 5.7. This release focuses on helping to provide context on how well your Security Program is performing and helping you simplify your vulnerability management processes to help you save time. The last release of Nexpose, Nexpose 5.6 [/2013/04/25/simplify-vulnerability-management-with-nexpose-56], introduced the new Top Remediation [/2013/05/15/nexpose-56-top-remediation-reports-reports-that-provide-the-biggest-bang-for-your-buck]

2 min Nexpose

Assessing risk using Security Intelligence

Robert Lemos wrote an interesting article [http://www.darkreading.com/vulnerability/vulnerability-severity-scores-make-for-b/240157339] about how CVSS alone does not necessarily give you enough information for effective remediation prioritization. Adding context about which vulnerabilities are easily exploitable using known exploits provides a much better way of determining whether or not a given asset is at risk from a real attack. Quoting the research completed by Luca Allodi and Fabio Ma

6 min Metasploit

Federal Friday - 6.29.13 - Weekly Recap

As I prepare to dive into this week's Federal Friday post I can't help but notice that it's that time of the year again.  The days are longer, the mercury rising, a sweet smell of B.B.Q filling the air, and students around the country are heading out of the classroom and into their summer vacation. They leave their respective schools and previous grades behind, and for the next few months they will embark on numerous adventures, filling their heads with all types of stories that they'll be burst

1 min Metasploit

HackMiami Web Application PwnOff - Nexpose w/Metasploit Dominated

During the HackMiami 2013 Hacker Conference [http://hackmiami.org/] held in Miami Beach, a live Web Application Scanner PwnOff contest pitted common web scanning suites against each other. Participants included Acunetix, IBM Rational AppScan, NT OBJECTives NTOSpider, Portswigger Burp, and Rapid7 Nexpose [http://www.rapid7.com/products/nexpose/] with Metasploit [http://www.rapid7.com/products/metasploit/]. In a head-to-head battle each of the automated web application scanning suites went up agai

4 min Metasploit

Federal Friday - Weekly Recap 6.21.13

Welcome to the brand new Federal Friday Blog here on Security Street! I tend to be an avid consumer of industry information, trends and general points of information within the InfoSec space. I want to use this blog to aggregate some of the information I find helpful and share that info with all of you on a weekly basis. Additionally we will be publishing federally-focused content from many of the great resources we have here at Rapid7. This content will highlight trends within the space and ho

6 min Nexpose

Guide to HTTP Header Configuration

This guide is designed to show how to set up an authenticated web application scan using HTTP headers, using Metasploit as the target web application. We will also go over using the Firebug and Cookie Importer add-ons in Firefox to manually test HTTP headers. The first thing we want to do is open Firefox and download the 'Cookie Importer' and 'Firebug' add-ons. Now that we have our add-ons installed we will want to restart our browser and then start

0 min Nexpose

New vulnerability trend report available in Nexpose

Hey, check out the new vulnerability trend report available in the Report templates page: Three-month Vulnerability Trend report in Nexpose [https://community.rapid7.com/docs/DOC-2305].

2 min Nexpose

Nexpose 5.6 - Top Remediation Reports - Reports that provide the biggest bang for your buck

Nexpose 5.6, in case you haven't heard, added the Top Remediation report templates. Why is this a game changer??? Because now you can view security from an actionable lens that focuses and expands to fit your needs.  The report orders the remediations according to their effect on your organization, rolling up solutions across assets and allowing you to take the most impactful steps available. What does this mean for you? Well instead of asking "what is wrong", you can now ask "what should I do".

2 min Nexpose

Creating Asset Groups from IPs

I put together a script recently to solve a customer problem, but it struck me that it is a problem many organizations might have. What happens when you are in charge of the Nexpose console, but someone else is in charge of actually applying remediation? You may generate a report for them listing the assets they need to remediate, but when they get back to you with results, it may just be a list of the IPs they've completed. If that doesn't happen to map nicely to a Site or Asset Group that alr
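The matching step that post describes, as an added example that is not the author's script and uses no nexpose gem calls: it takes the remediation team's plain list of addresses (single IPs or CIDR blocks, with comments), resolves it against a constructed asset inventory, and returns the asset IDs that belong in the new asset group together with the entries that matched nothing and the lines that were not addresses at all. The inventory, the list, and the `resolve_asset_group` name are all assumptions made for this example.

```ruby
require 'ipaddr'

# Constructed inventory standing in for what the console knows about its assets.
# In a real run this would come from the Nexpose API; here it is inline so the
# example runs offline.
INVENTORY = [
  { id: 101, ip: '10.0.1.10',    host: 'web01' },
  { id: 102, ip: '10.0.1.11',    host: 'web02' },
  { id: 103, ip: '10.0.2.5',     host: 'db01' },
  { id: 104, ip: '192.168.50.7', host: 'jump01' },
].freeze

# Constructed list as a remediation team might hand it back: a comment line,
# two single hosts, a whole /24, an address the console has never scanned,
# and a hostname that is not an address at all.
REMEDIATED = <<~LIST
  # completed 2013-05-20
  10.0.1.10
  10.0.1.11
  10.0.2.0/24
  172.16.0.9
  web03
LIST

# Turn the free-form list into:
#   asset_ids - IDs of inventory assets covered by any entry (sorted, no dupes)
#   unmatched - well-formed entries that covered no known asset
#   invalid   - lines that could not be parsed as an IP or CIDR block
# Reporting the last two matters: silently dropping them is how a "completed"
# list ends up smaller than what was actually remediated.
def resolve_asset_group(list_text, inventory)
  entries = list_text.lines.map(&:strip).reject { |l| l.empty? || l.start_with?('#') }

  ranges  = []
  invalid = []
  entries.each do |entry|
    begin
      ranges << [entry, IPAddr.new(entry)]   # a bare IP becomes a /32 range
    rescue IPAddr::InvalidAddressError
      invalid << entry
    end
  end

  asset_addrs = inventory.map { |a| [a, IPAddr.new(a[:ip])] }

  members = asset_addrs.select do |(_, addr)|
    ranges.any? { |(_, range)| range.include?(addr) }
  end

  unmatched = ranges.reject do |(_, range)|
    asset_addrs.any? { |(_, addr)| range.include?(addr) }
  end

  {
    asset_ids: members.map { |(asset, _)| asset[:id] }.uniq.sort,
    unmatched: unmatched.map(&:first),
    invalid:   invalid,
  }
end

if __FILE__ == $PROGRAM_NAME
  result = resolve_asset_group(REMEDIATED, INVENTORY)
  puts "asset group members: #{result[:asset_ids].inspect}"
  puts "no matching asset:   #{result[:unmatched].inspect}"
  puts "not an address:      #{result[:invalid].inspect}"
end
```

The returned `asset_ids` is what you would feed into the gem's asset-group save call; the `unmatched` and `invalid` lists are what you send back to the remediation team before you trust the group as a record of what was fixed.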

1 min Nexpose

Announcement: End-of-Life for Nexpose 32-bit versions

Rapid7 announces the end of life of Nexpose 32-bit versions for both Windows and Linux operating systems on May 7, 2014. This announcement applies to all editions of Nexpose, including Community, Express, Consultant, and Enterprise. After this date Nexpose 32-bit versions will not receive product or content updates.

Milestone | Description | Date
End-of-life announcement date | The date that the end-of-life date has been announced to the general public. | May 8, 2013
Last date of supp

2 min Nexpose

Nexpose 5.6 - CIS RHEL Certified!

Nexpose 5.6, released last week, builds on our USGCB, FDCC, and CIS Windows certifications by adding CIS certified assessment of Red Hat Enterprise Linux systems. Nexpose 5.6 includes the CIS "Level I" and "Level II" policies for RHEL 4, 5, & 6.  This means you can now use Rapid7's integrated vulnerability and configuration management [http://www.rapid7.com/products/nexpose/] solution to assess the configuration of your RHEL desktops and servers. The CIS RHEL policies are included by default in

5 min Release Notes

Simplify Vulnerability Management with Nexpose 5.6

We are pleased to announce the next major release of Nexpose, version 5.6.  This release focuses on providing you the most impactful remediation steps to reduce risk to your organization and extends our current configuration assessment functionality. New Look and Feel The most visible change in Nexpose 5.6 is the new look and feel of the user interface.  The action header is now smaller to maximize screen space and usability, and the new colour scheme makes it easier to focus on important areas

2 min Nexpose

Calculating Your Average Scan Time

If you are looking to balance out your scan schedule or add new scans to the mix, it can be helpful to get some direct insight into how much time a new scan is going to take. One way to estimate that is based upon how long your current scans are already taking. To that end, I threw together a script that looks at current scan history and calculates average scan time per asset. To keep some balance, I only look at Full audit scans and their live assets. I then calculate the average number of min

2 min Nexpose

Bridging Asset Groups and Sites Using the Nexpose Gem

Asset Groups are a convenient feature for organizing assets based upon different criteria, including criteria that you could not have known when you configured and first ran your site scans. But many times you would actually like to run scans based off your asset groups. Here are some approaches to bridging that gap using the 0.1.8 version of the Nexpose gem [http://rubygems.org/gems/nexpose] to access the API [https://community.rapid7.com/docs/DOC-1896]. Rescanning Assets Since rescanning the

2 min Nexpose

Using Scripts to Analyze Your Security Console

There is a variety of information available about your Sites and Scans that can be used to make decisions. I began thinking about how to analyze the load across Scan Engines or Sites, but quickly realized there are too many ways to break down the data to be able to write a single script. To that end, I'm going to walk through some scripts which use the Nexpose gem [http://rubygems.org/gems/nexpose] (version 0.1.7) to access the API [https://community.rapid7.com/docs/DOC-1896] and collate perform

1 min Nexpose

Making the Nexpose Gem Easier to Use

In an effort to make API access to Nexpose easier, some efforts are underway to make the Nexpose Gem [http://rubygems.org/gems/nexpose] easier to use. For those unfamiliar with the gem, it is a Ruby library that allows for easier scripting against a Nexpose security console. Changes to Site Making changes to a site configuration through the gem used to be a little complex. The attributes on the configuration were locked down from editing, and sometimes buried deep in structures that mirrored th

4 min Release Notes

Significantly Enhanced, yet Simplified Reporting

The new year is just around the corner and the Internet has been available to users for almost two decades now. We have had user experiences that have pushed the boundaries with software, touchscreen devices and mobile applications. We are now witnessing radical changes in user expectations. We at Rapid7 are constantly striving to understand these expectations and live up to them. At Rapid7, our mission is to solve complex security challenges with simple, innovative solutions that offer speed w

3 min Nexpose

Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability

For those of you that don't know me, I head up the Nexpose engineering team, and we are excited to introduce the latest release, Nexpose 5.5. This release focuses on meeting three big needs that we've heard about from our customers. The first is configuration assessment. This is a big deal for organizations that are subject to regulatory or internal standards that require confirmation of specific configurations of IT assets, such as USGCB 2.0. For those organizations, proving compliance is pain

1 min Metasploit

Welcome to SecurityStreet

I wanted to take the time to welcome you to our online community, SecurityStreet. For most of you, you've been redirected here after finishing a survey we sent out to several of our customers. We hope you find what you're looking for, and you can reach out to me at any time for more information. We've established this Community for our customers, and the infosecurity world at large, to better educate about our products and to provide our own take on the important news and information that's aff

2 min Nexpose

Multi-tenant User Provisioning

Introduction Performing bulk operations can be time consuming in Nexpose. A good example is user provisioning, which can take a long time. Using the Nexpose APIs is an effective way to save time and eliminate the error-prone process of doing everything manually. For this blog post, I want to demonstrate how you can manage users using the Nexpose API. I will be using an open source Java API client, which is available on clee-r7/nexpose_java_api · GitHub [https://github.com/clee-

1 min Nexpose

Nexpose Site Creation - Now with More Scheduling

Got Sites?  Well now you can! One of everyone's favorite tasks in Nexpose is creating new sites.  But what if you could do it all with an interactive, menu-driven, standalone java application that leveraged the awesome Nexpose Java API client.  I know what you are thinking, "That would be too cool." Well wait no longer!  We here at Rapid7 have created just such a tool for you to use.  So go ahead, download it and give it a try.  All source code is included so you can easily modify or extend it

1 min Nexpose

Moving from HML (High, Medium, Low) Hell to Security Heaven – Whiteboard Wednesdays

At last check there are about 22 new vulnerabilities being published and categorized every single day (see the National Vulnerability Database web site - http://nvd.nist.gov/). In total, the National Vulnerability Database now contains more than 53,000 vulnerabilities. No wonder security professionals are overwhelmed with the sheer volume of vulnerabilities in their daily practices. At the same time, the prioritization schemas that many organizations use are quite basic and are either proprietary or

2 min API

How to generate reports through the API

Nexpose provides a number of API methods for report management. Through the API you can create/update a report configuration, generate a report on the fly, and view the status of the generation requests. A report configuration, in particular, is a configuration for a type of report. With a configuration, a user can specify the template, format, and content for a report. In order to create a configuration via the API a user must generate a ReportSaveRequest. ReportSaveRequest - The report save

1 min Nexpose

Nexpose Reporting with the Java API Client

Nexpose reporting just got easier! Now you can manage and generate Nexpose reports through an interactive application that leverages the Nexpose Java API client. Here is a list of the options that are currently supported:
1. List Reports
2. Generate Reports
3. Delete Reports
4. Delete Report Configurations (and all associated reports)
5. View Report Configuration
6. View Report History
Attached is a copy of the application and the source code so you can easily modify and extend its func

5 min Nexpose

Nexpose Community Edition Lab | Scanning & Reports

In the previous blog post [/2012/06/28/using-nexpose-at-home-theory], we walked through creating a virtual machine and installing Nexpose Community for use in a small lab environment.  In this post, we'll highlight key features of Nexpose, run Discovery and Vulnerability scans and finally generate a report to assist with remediating those pesky vulnerabilities. To log into your Nexpose Console, open your browser and navigate to: https://localhost:3780 [https://localhost:3780/], then input th

1 min Metasploit

UNITED Security Summit - Your Man on the Street

Hello all, I'm Patrick Hellen, the Community Manager for SecurityStreet. This week, I'm going to be coming to you live from the San Francisco show floor of the UNITED Security Summit, giving my impressions of what's happening at the event over the next week. I'll be speaking about everything, from the topics in the various talk tracks, to the sheer amount of fun at the party. I'll also be hijacking the Rapid7 Twitter feed for the next few days - to make sure you're up to date on my random path

0 min Nexpose

SC Magazine Awards - Round 2

We got the SC Magazine Award for best vulnerability management tool back in February [/2012/02/29/rapid7-wins-coveted-sc-magazine-award-for-best-vulnerability-management-tool]; since then a lot of cool things have happened. See for yourself! Thanks again to all of the readers of SC Magazine for voting for us!

3 min Release Notes

Security Configuration assessment capabilities that meet your needs with Nexpose 5.4

A great-looking new feature has been added to our configuration assessment component in Nexpose 5.4: the ability to customize policies to meet your unique contextual needs, i.e., ones specific to your environment. You are now able to copy a built-in policy and edit its configuration, including the policy check values, to test your assets for compliance. This flexibility allows for custom, accurate and relevant configuration assessment. Configuration assessment is important to assess the r

5 min Metasploit

New Metasploit 4.4: Risk Validation for Vulnerability Management with Nexpose, Improved AV Evasion, and Faster UI

Fresh out of the oven and in time for Black Hat Las Vegas, we present to you the new Metasploit 4.4 with these great new features: Focus Your Remediation Efforts: Metasploit Risk Validation for Nexpose Vulnerability Management You may have been in this situation: your vulnerability scanning report is so long you don't know where to start. You don't have time to address all vulnerabilities, and you don't know which ones are important. If this sounds familiar, you may get very excited about Met

3 min Nexpose

SOC Monkey - Week in Review - 7.9.12

Welcome back Monkeyminions, to the best content aggregation blog you read on Mondays that's written by a monkey. If you'd like to join in the content part, feel free to download my App [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], from the Apple App Store [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8]. It's July 9th, so for about 300,000 people, it's the end of the internet as they know it (yet I feel fine?): Still infected, 300,000 PCs to lose Internet access July

1 min Nexpose

Small business experience with Nexpose to help meet PCI Compliance

Nexpose has saved my bacon and allowed me to meet the rather onerous PCI-DSS compliance. Thank you Nexpose, the product is brilliant, fairly easy to use and corrects the security issues. My business ThirtyFifty is a great smallish business running wine tastings. It is generally a pretty straight forward type of business, but we need to take payments over the phone to confirm bookings. This is fine, but if you have had any experience in PCI compliance, it is getting harder and harder to meet the

5 min Nexpose

Detecting CVE-2012-1182

I joined the Rapid7 team as a Security Researcher back in March. Since I started, I've been doing a lot of work primarily in the area of remote vulnerability detection for Nexpose, and the work has already varied quite a bit in scope and in the challenges I've faced day-to-day. Today, I'm here to talk a little bit about my work last month relating to the detection of CVE-2012-1182 [http://www.samba.org/samba/security/CVE-2012-1182], a recent high-profile Samba vulnerability. Background: For the

4 min Nexpose

Using Nexpose At Home | Theory & Install

According to the NHTSA, over 1/3rd of all auto-related accidents happen within one mile of home.  Many drivers reported a ‘switching off' syndrome that kicked in while driving on familiar roads.  As we get closer to the place we feel most comfortable, it's easy to adopt a casual posture towards things we take for granted.  At home, one of the things we take most for granted is our technology. Whether you rely on wireless, connect directly or both – for many, network security is a close to home a

1 min Nexpose

How does the sustaining team at Rapid7 make Nexpose better?

I'm Rob, and I work on the Nexpose sustaining team at Rapid7. The mission of this team is to work closely with our customers in defining key new capabilities that will help solve customer challenges, and to enhance existing capabilities based on customer input. Many of the features the sustaining team works on may not get the same spotlight as some of the new core feature areas get, but they enhance the user experience nonetheless. In this blog entry, we'd like to tell you about things the sustaining t

2 min Nexpose

Nexpose adds CyberScope support

The latest version of Nexpose, 5.3, allows federal agencies and consultants to generate reports that can be submitted into the CyberScope reporting tool in compliance with Federal Information Security Management Act (FISMA) requirements for security information data. CyberScope, which is mandated by the Office of Management and Budget (OMB), is a Web-based application that collects data around the relevant vulnerabilities, configurations, and assets that are present within a federal agency in a standardize

2 min Nexpose

Managing Your Nexpose Scan Engines through the API

Here's a walk-through of a Ruby script that uses the nexpose gem [http://rubygems.org/gems/nexpose] to add and configure your Nexpose Scan Engines. This script configures the Dynamic Scan Pool feature. A Scan Engine pool is a group of shared Scan Engines that can be bound to a site so that the load is distributed evenly across the shared engines. The feature can only be managed through the API. You'll need familiarity with Ruby to understand the script. I've inserted explanations as comments (

2 min Nexpose

Getting the most from customizable CSV exports - Part 7

Good Morning Rapid7 Community, my name is Pia Flores and I am the security solutions manager here at Rapid7. I have been a sales engineer at Rapid7 for the past 4.5 years and during that time I have seen my fair share of interesting problems. I consider myself a security therapist, simply because my job consists of having multiple conversations per day with teams facing security challenges and problems. My job is to give them my best advice and ultimately to figure out if Rapid7 products or serv

2 min Release Notes

Getting the Most from Customizable CSV Exports - Part 6

Hi, my name is Eden Martinez, and I'm a Federal Sales Engineer with Rapid7. Larger environments often list scalability as one of their top problems; specifically, too much data. With current tools, it's not hard to generate large data sets. Most tools are comprehensive, with a focus where the largest list of results wins. While you can turn all the knobs on Nexpose up to 11, I've found many enterprise environments prefer to focus on prioritization of vulnerabilities and trending of the results. M

2 min Nexpose

Getting the Most from Customizable CSV Exports - Part 2

Hi there SecurityStreet! As a Technical Proposal Writer for Rapid7, I get to do technical deep dives of Nexpose with our Engineering and Security Solutions teams. Lately I've had a lot of chances to describe the enhanced CSV exports we've added in Nexpose 5.2, but up until now I haven't gotten the chance to really show off their capabilities. As Sean Blanton said in our first demonstration [/2012/04/23/getting-the-most-from-customizable-csv-exports-part-1] of the new CSV export capabilities, us

2 min Nexpose

Getting the Most from Customizable CSV Exports - Part 1

Hello Community! As a Security Solutions Consultant here at Rapid7 my team and I get to work day in and day out with all the Nexpose users out there; we hear so many stories and get to help solve so many challenges. We thought we'd share some of our ideas concerning the latest functionality of the Nexpose 5.2 release – customizable CSV exports! Nexpose can get a tremendous amount of great, actionable risk data, we all know this. But putting it to use and communicating it effectively can be a wh

3 min Nexpose

How to Secure Your Videoconferencing Systems: H.323 Scanning with Rapid7 Nexpose

For my inaugural post on the SecurityStreet blog, I thought it would be beneficial to highlight the H.323 coverage I recently added to Nexpose. With all the attention HD Moore's work [/2012/01/23/video-conferencing-and-self-selecting-targets] in this area garnered, it seemed that there was a definite need for this functionality, so as of Nexpose 5.2, users can scan their networks for devices running H.323 services as well as detect whether those services have the auto-answer functionality enable

2 min Metasploit

Communicating and integrating with Metasploit from your Mono/.NET applications

I recently checked into GitHub a C# library [https://github.com/brandonprry/metasploit-sharp/] that allows easy communication and integration from your Mono/.NET applications. The library follows the same Session/Manager pattern as the Nexpose library [https://github.com/brandonprry/nexpose-sharp] I mentioned [/2012/01/13/communicating-and-integrating-with-nexpose-from-your-netmono-applications] previously in the Nexpose blog. It has support for both the core Metasploit RPC and for the Me

2 min Metasploit

Rapid7 At the Movies - Recruitment Videos

As you may have already seen, Rapid7 is making a series of videos to highlight some of the attributes we value in our team and in prospective candidates who may join the team. We're doing this by paying tribute to some of our favorite movie scenes that we think represent these key attributes in some way. We started with the head of engineering for Nexpose, Eric Reiners, mounting up on his trusty steed to demonstrate his leadership [http://www.youtube.com/watch?v=eGMH4dheSkE&feature=relmfu] skills

2 min Nexpose

Automating Nexpose Discovery Connections through the Java API

Nexpose has long offered APIs allowing for automated workflow operations. The following examples are intended to help Nexpose users automate the discovery mechanisms feature through the API. The following code shows how to leverage the Java API client [https://github.com/clee-r7/nexpose_java_api] to create, list, update and delete discovery mechanisms in Nexpose. Nexpose supports the Discovery Connection API starting with version 5.2. The supported operations on the API with regards to discovery ar

6 min Nexpose

Integrating Nexpose Community and Metasploit Community in Backtrack 5 R2

I recently packaged up the new Nexpose release so that Backtrack users can have an up-to-date version of Nexpose, straight from the Backtrack repos. This seemed like a great time to also go over installing Nexpose Community and integrating it with the already-installed Metasploit Community. 1. Getting Started Before we get started, I would recommend grabbing a copy of Backtrack 5 R2 64-bit. The machine you want to use will need to have at a minimum 2GB of RAM and at least 5GB space on the hard

4 min Release Notes

Configuration assessment and policy management in Nexpose 5.2

We love our policy Dashboards. They are new, hot, intuitive, robust and really useful. In our latest release of Nexpose, version 5.2, we've made two major enhancements to our configuration assessment capabilities:
* A policy overview dashboard: to understand the current status of configuration compliance, delivering a summary of the policy itself.
* A policy rule dashboard: to provide further details for a particular rule and the current compliance status for that rule.
What makes th

1 min Nexpose

How to Check for Remote Desktop Protocol (RDP) Services

There are many organizations concerned with the critical Microsoft Security Bulletin MS12-020 [http://technet.microsoft.com/en-us/security/bulletin/ms12-020] Remote Desktop Protocol (RDP) vulnerability. Here is a quick way to check if you have Remote Desktop Protocol running on your system or network. I used Nmap [http://nmap.org/] to check my home network. In the highlighted text below you can see that Nmap can check for the RDP service running. If you can't patch, this is important because at

2 min Nexpose

Rapid7 Wins Coveted SC Magazine Award for Best Vulnerability Management Tool

Thorsten George, VP of Worldwide Marketing and Products for Agiliance, on the left, and Bernd Leger, VP of Marketing, Products & Solutions at Rapid7, on the right. Sitting in a room of hundreds of industry leaders and security vendors, it was extremely gratifying to hear our name called and be asked on stage to receive one of the coveted SC Magazine Awards last night in San Francisco. Rapid7 won the prestigious “Best Vulnerability Management Tool” Award in the Reader's Trust Award Categor

2 min Nexpose

How to Set up an Oracle Policy Scan

The following steps should get you up and running with a policy scan against an Oracle database server. Configure the oracle.xml File You need to edit the policy configuration file provided in a default Nexpose installation. The file is located here: * [installation_directory]/plugins/java/1/OraclePolicyScanner/1/oracle.xml Create a backup of the file and make the following modifications to the XML: * Update the description (line 2) to something more appropriate. I used Oracle 11i Secur

1 min Metasploit

Free Microsoft Virtual Machines for Testing

I am often asked how security professionals and students can safely test security software. My usual response is that they should create a virtual lab with diverse operating systems for testing. The problem that many encounter is that they don't have licenses available to install the operating systems. While creating and testing the Metasploit Javascript Keylogger [/2012/02/21/metasploit-javascript-keylogger], I came across free virtual machines from Microsoft that are sure to be useful to securit

1 min Nexpose

Nexpose Java API

We are really excited to see the Nexpose community coming up with all sorts of cool and useful ways to automate Nexpose via our APIs. Since we have published our Ruby [https://github.com/rapid7/nexpose-client] and .Net [https://github.com/brandonprry/nexpose-sharp] API client libraries, we have had some requests for a Java library as well. And now we have open sourced a Java [https://github.com/clee-r7/nexpose_java_api] based library for accessing the Nexpose API.  This library is BSD licensed s

2 min Metasploit

Getting The Most Out of Metasploit: Pentesting, Password Auditing, and Vulnerability Validation

When we talk to Metasploit users, they usually use it for either penetration testing, password auditing or vulnerability validation, but few use it for more than one of these purposes. By leveraging your investment in Metasploit, you can triple-dip at the same price - no extra licenses needed. Penetration Testing With penetration testing, you can identify issues in your security infrastructure that could lead to a data breach. Weaknesses you can identify include exploitable vulnerabilities, we

3 min Nexpose

How to Exploit A Single Vulnerability with Metasploit Pro

Metasploit Pro's smart exploitation function is great if you want to get a session quickly and don't care about being "noisy" on the network, but there are certain situations where you may want to use just one exploit: * You're conducting a penetration test and want to exploit just one vulnerability so you don't draw too much attention (i.e. you want to use a sniper rifle, not a machine gun) * You're a vulnerability manager and want to validate just one vulnerability to know whether

2 min Nexpose

Find Vulnerable pcAnywhere Installations with DAGs

On Monday, Symantec made the rare decision [http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims&inid=us_ghp_banner1_anonymous] to tell their customer base to either uninstall or disable their remote control software suite pcAnywhere [http://www.symantec.com/pcanywhere]. Symantec made this decision because their users were at risk to be exploited by publicly known vulnerabilities that they had not been able to create a patch for yet. This recommendation to disable software due to act

4 min Nexpose

"Pass the hash" with Nexpose and Metasploit

I am proud to announce that Nexpose 5.1.0 now supports "pass the hash" [http://en.wikipedia.org/wiki/Pass_the_hash], a technique to remotely authenticate against a Windows machine (or any SMB/CIFS server) with the mere possession of LM/NTLM password hashes, without needing to crack or brute force them. Nexpose is able to use the hashes to perform credentialed scans to produce very detailed scan results of all sorts of local and remote vulnerabilities that may otherwise not be detectable. And pe

2 min Nexpose

Granular asset searches and a new "Policies" tab?

I am part of the product management team at Rapid7 and I am responsible for the user experience across all our products. I am fascinated with new technologies, specifically those related to artificial intelligence and HCI. My weekend leisure projects range from creating an ambient mail informatics system with an Arduino (a small processor) to creating a sensor-laced cane for blind users. I wrote about some cool UI improvements [https://community.rapid7.com/community/solutions/nexpose/blog/2011/11/09/techn

2 min Nexpose

Communicating and integrating with Nexpose from your .NET/Mono applications

Tuesday, the 17th, will be my first day with the Rapid7 crew. In the past, I have worked a lot with C#/.NET technologies, so Chad Loder asked me to get a C# library written for the Nexpose API. You may find the relevant code here [https://github.com/brandonprry/nexpose-sharp]. Within the repository, you have a nexpose-sharp folder and a nexpose-client folder. The nexpose-client folder contains a small application that consumes the Nexpose XML API via the C# library that I have written, which re

1 min Nexpose

Three Ways to Integrate Metasploit With Nexpose

Metasploit has three ways to integrate with the Nexpose vulnerability scanner. I've heard some confusion about what the different options are, so I'd like to summarize them here briefly:

1. Importing Nexpose reports: This is a simple, manual file import. Apart from Nexpose, Metasploit can import about 13 different third-party reports from vulnerability management solutions and web application scanners. This feature works in all Metasploit editions.
2. Initiate a Nexpose scan from Met

1 min Nexpose

Nexpose 5.0 Release

Today we released the latest version of Nexpose. This is a great release for those of you who are working in virtual environments, as it adds dynamic virtual asset tracking, allows you to track configuration policy scans, and even introduces a new look and feel for the product itself. Additionally, it includes capabilities to generate a Real Risk score that incorporates known Malware Exposure and allows you to track risk trends over time. Here's a link to the announcement [http://www.rapid7.com/n

3 min Nexpose

Technology Meets Empathy

I am a member of the product management team at Rapid7, and I am responsible for the user experience across all our products. One of my ongoing efforts is to bring our product development team closer to our users. In the upcoming release of Nexpose, we have updated the user interface to make it simpler and more consistent with Metasploit so that your experience can be more productive and seamless. As the entire team at Rapid7 is working hard to get Nexpose 5.0 out of the door, I thought I'd take

2 min Virtual Infrastructure

Virtualization - Introduces New Security Gaps

This is my first blog as a Rapid7 employee. I started in July of this year as a product manager, and my first project is helping a team build a new discovery method for Nexpose. Virtualization has been around since the 1960s, even though it didn't start to become mainstream until the late 1990s when VMware was founded. In the most recent years server virtualization has been growing at a rapid pace. As it continues to spread, it introduces gaps in your security program. Over the last couple

2 min Nexpose

Nexpose 5.0 Preview: Modernized Usability & Interface

We are pleased to announce that as a part of the historic upcoming release, Nexpose 5.0 [http://www.rapid7.com/news-events/press-releases/2011/2011-nexpose-50.jsp] comes with a modernized user interface that brings it up-to-date with modern web design and usability standards. Significant enhancements will be introduced throughout the interface to simplify and streamline access to your data. This is a limited preview of the work in progress. Navigation and Global Actions A new breadcrumb dis

3 min Nexpose

Introducing Metasploit Community Edition!

The two-year anniversary of the Metasploit acquisition is coming up this week. Over the last two years we added a ridiculous amount of new code to the open source project, shipped dozens of new releases, and launched two commercial products. We could not have done this without the full support of the security community. In return, we wanted to share some of our commercial work with the security community at large. As of version 4.1 [http://www.metasploit.com/], we now include the Metasploit

2 min Release Notes

Who benefits from NeXpose 2011 Summer Release? You do.

Rapid7 took another major step forward in providing organizations with comprehensive security risk intelligence solutions with the recent NeXpose 2011 Summer Release. I recently joined Rapid7 and my first day coincided with the General Availability of NeXpose 2011 Summer Release. Given the magnitude of functionality and lines of code involved in the release, I just had to write my first blog about it. It's an exciting time to be joining the company and the Rapid7 Community! Speaking of the Ra

4 min Metasploit

Unified, Unanimous, Converged, and UNITED...

As you may have seen, Rapid7 launched an updated version of our award-winning vulnerability management solution today: NeXpose 2011 Summer Release [http://www.rapid7.com/news-events/press-releases/2011/2011-nexpose-summer-release.jsp]. We feel that this is a pretty big deal: the new version offers all sorts of new features, with deployment flexibility and enhanced integration, scalability and administrative capabilities topping the list. For us though, this is about more than just getting a ne

2 min Nexpose

Detecting LDAP injections

It all started to go wrong when Web applications started to replace internal desktop applications in many companies around the globe and one manager proposed: "We should authenticate access to this application using our Active Directory!" and after some minutes a developer wrote a piece of code that looked like: String ldap_search_query = "(&(user=" + username + ")(password=" + pwd + "))"; LDAPCursor ldap_result_cursor = ldapQuery( ldap_search_query ); The idea of having a centralized location for

3 min Nexpose

w3af and NeXpose's web application security scanner

Little has been said about how w3af is really helping NeXpose's web application security scanner become the best in class; and even less has been said about how NeXpose is helping w3af; so I thought about writing this short blog post and tell you all about it using a short story: The never-ending fight against memory usage When I started to work with NeXpose, it was clear that a lot of thought had been put into making the web application scanner have the lowest memory footprint possible. If you

1 min Metasploit

Consulting for Profit: Building a Business on Security Assessments

Are you looking to expand your security consulting practice? Many companies around the world have built a successful business by packaging vulnerability management and penetration testing into the following services:

* Security assessments
* Deployment services
* Security awareness
* PCI Compliance
  * 11.2 Vulnerability Management
  * 11.3 Penetration Testing
* Compliance and governance
* Managed security services
* Trainings

We've heard from a lot of the security consul

2 min Vulnerability Disclosure

March Patch Tuesday Roundup

Since Microsoft is on this new staggered pattern of releases, we can expect a feast or famine every other month...so get used to it. Depending on what side of the desk you sit on you can adjust the context. With that being said, this month's release brought us 3 patches addressing 4 vulnerabilities. I think we were all expecting to see the MHTML [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0096] protocol handler issue resolved, however it didn't make the cut. Make sure IE is in r

2 min Flash

Don't get blinded by the Flash!

Flash has become a de facto standard for Web applications, yet most vulnerability management solutions don't do a very good job verifying Flash content. This is surprising, especially since 98% of workstations have the Adobe Flash player installed, according to an Adobe study. The Flash player itself can contain unpatched vulnerabilities, which most scanners already detect. However, most scanners completely ignore the actual Flash applications and their interactions with the back-end servers.

2 min Metasploit

Last year's journey and the road ahead

During the holiday season of the past weeks, I reflected a lot on the past with my loved ones. At the same time, I couldn't help thinking about the Rapid7 journey so far and the exciting path before us. I thought I'd share some of this with you. 2010 was an explosive year for Rapid7. By adding a full-time development team to the Metasploit Project [http://www.metasploit.com/], we grew the open source community more than five-fold, now reaching over a million unique downloads per year. We bro

8 min Metasploit

December Patch Tuesday Roundup

So what can I say that hasn't already been said about this month's Patch Tuesday release…Microsoft never ceases to amaze, finishing the year with another 17 bulletins for 40 vulnerabilities this release. This month marks the end of a record-breaking year for bulletins and another month of what appears to be an upward trajectory of bugs. Let's take a moment to reflect. Microsoft has arguably one of the most advanced SDLC programs out there, however they still managed to double the amount of bu

2 min Nexpose

Creating your own vulnerability checks in NeXpose Community Edition

Hi. I'm a co-founder here at Rapid7 and I wanted to introduce myself to the larger community of NeXpose users. Since we released NeXpose Community Edition [http://www.rapid7.com/vulnerability-scanner.jsp] back in December, we've had an overwhelming interest from the security community. Tens of thousands of you have downloaded the product, which is hugely gratifying to our engineering teams. We love making stuff that people use! One of the most common queries that we get from you is "How can