Posts tagged Nexpose

2 min Nexpose

MVM Migration to Nexpose - Toolkit

As most, if not all, current Intel Security customers are aware, Intel has announced the End-of-Life of the McAfee Vulnerability Manager, aka. MVM. Coupled with that announcement, Intel also announces it has partnered with Rapid7 and is recommending that current, and future Intel Security customers, leverage Rapid7's Nexpose to fill their vulnerability and threat exposure management needs. To aid in the transition from MVM to Nexpose, Rapid7, has developed a Migration Toolkit. The Toolkit conta

3 min Nexpose

How to use Nexpose to find all assets affected by DROWN

Introduction DROWN is a cross-protocol attack against OpenSSL. The attack uses export cipher suites and SSLv2 to decrypt TLS sessions. SSLv2 was developed by Netscape and released in February 1995. Due to it containing a number of security flaws, the protocol was completely redesigned and SSLv3 was released in 1996. Even though SSLv2 was declared obsolete over 20 years ago, there are still servers supporting the protocol. What's both fascinating and devastating about the DROWN attack, is that se

1 min Nexpose

Nexpose OS Fingerprinting Feedback

Have you ever run a Nexpose scan and had the wrong operating system identified for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you scanned an embedded device we haven't seen before. The March 9th release of Nexpose (6.1.14) has a new feature that allows you easily report such fingerprinting errors to Rapid7 and helps us to improve fingerprinting accuracy. No need to open a support ticket! A new feedback button (circled below), available on the Asset detail page next to

2 min Nexpose

Update Tuesday, March 2016

March continues this quarter's trend with the majority of bulletins (8) addressing remote code execution (RCE) vulnerabilities; the remaining address elevation of privilege (4) and security feature bypass. All of the critical bulletins are remote code execution issues affecting a variety of products and platforms including Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windows (Client and Server). This month Microsoft resolves 39 vulnerab

1 min Nexpose

Nexpose Receives AWS Certification

Rapid7's Nexpose just became the first Threat Exposure Management solution to complete AWS' new rigorous pre-authorized scanning certification process! Normally, a customer must request permission from AWS support to perform vulnerability scans. This request must be made for each vulnerability scan engine or penetration testing tool and renewed every 90 days. The new pre-authorized Nexpose scan engine streamlines the process. When a pre-authorized scan engine is launched from the AWS Marketplac

3 min AWS

Nexpose Scan Engine on the AWS Marketplace

Update September 2017: For even more enhanced capabilities, check out the AWS Web Asset Sync Discovery Connection [/2017/09/14/aws-power-up-tag-import-asset-cleanup-assume-role-ad-hoc-scan/]. Rapid7 is excited to announce that you can now find a Nexpose Scan Engine AMI on the Amazon Web Services Marketplace making it simple to deploy a pre-authorized Nexpose Scan Engine from the AWS Marketplace to scan your AWS assets! What is an AMI ? An Amazon Machine Image (AMI) allows you to launch a virt

3 min Nexpose

Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value

In today's security ecosystem, there are several technologies/programs that are considered to be the old dogs.  They've been around the block a few times, have a few gray hairs, and just aren't as sexy anymore.  Most companies have had these technologies for years now, and they typically don't get the headlines that some of the newer, hotter technologies are getting.  Antivirus, Email Security, Firewalls, and Vulnerability Management are a few of these.  It's hard to compete with big-data-machin

1 min Nexpose

Update Tuesday, February 2016

February continues this quarter's trend with the majority of bulletins (7) addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly address denial of service (DOS) and elevation of privilege. All of the critical bulletins (MS16-009, MS16-011. MS16-012, MS16-013, MS16-015, MS16-022) are remote code execution issues affecting a variety of products and platforms include Edge, Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases of Microsoft Windo

2 min Windows

Nexpose Remote Registry Activation for Windows

The Windows Registry is a database which stores all settings for a Windows system, e.g. hardware, software installed, Windows updates installed and preferences for users and their applications.  During normal day to day use a standard user will inadvertently push changes into this database when they update the system, add/remove applications and so on. Remote Registry is a Windows service which allows a non-local user to read or make changes to the registry on your Windows system when they are

1 min Nexpose

Update Tuesday, January 2016

The year's first release contains 9 bulletins, 7 remote code execution (RCE), an elevation of privilege and spoofing vulnerability. The critical bulletins (MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of remote code execution vulnerabilities affecting a variety of products and platforms including Edge, Internet Explorer (7 and onwards), Excel Viewer, Office, SharePoint Server, Silverlight, Word Viewer, VBScripting engine and all supported releases of Microsoft Window

3 min Nexpose

Nexpose Two Factor Authentication

For organizations that want additional security upon login, Nexpose and the Rapid7 Nexpose-Client Ruby Gem will support Two Factor Authentication as of the January 6, 2016 release. Two Factor Authentication requires the use of a time-based one-time password application such as Google Authenticator. Two Factor Authentication can only be enabled by a Global Administrator on the Security Console. To enable Two Factor Authentication: 1. As a Global Administrator, go to the Administration tab. 2.

3 min Nexpose

Have JBoss, Jenkins, WebLogic, WebSphere based applications? Brace yourself, they've got an unwanted Christmas present for you!

Java based server applications are prevalent throughout most corporate networks.  Thousands, if not millions, of applications are deployed using JBoss, Jenkins, WebLogic and WebSphere - so when a vulnerability affecting the underlying technology pops up, the impact can be significant.  A vulnerability was recently discovered affecting any Java application which can receive data back from users, allowing malicious actors to insert unsafe data as it attempts to ingest the information.  The applica

2 min Nexpose

More TLS Improvements in Nexpose 6.1.2

After releasing TLS Coverage Improvements in Nexpose 6.0.2 [/2015/10/14/tls-coverage-improvements-in-nexpose-602] we figured that the Nexpose Security Console should be able to abide by our own suggestions. Last year we had already disabled SSLv3 support by default and allowed configuring what other protocols are enabled on the console as well. With this week's release we're limiting the TLS cipher suites available to the console's web server by default. Similar to the protocols, the cipher suit

1 min Nexpose

New Vulnerability Filtering in Adaptive Security

Nexpose has long provided the ability to filter vulnerabilities by a wide variety of categories and operators. Starting in Nexpose 6.1, filtering in new-vulnerability actions in Adaptive Security closely mirrors that of Nexpose. New vulnerability actions were covered in a recent blog .How Adaptive Security fits into your Vulnerability Management Program). [/2015/11/20/how-adaptive-security-fits-into-your-vulnerability-management-program] Similarity to Nexpose Filtering The enhanced filters no

1 min Nexpose

Configuring the SNMP request timeout

The SNMP protocol is very common, has many implementations and is deployed in diverse networks. In some cases it responds very promptly, in others it is relatively slow to respond. We found that in some environments a 1 second request timeout was insufficient, so in Nexpose 6.1.1 we have changed the default to 3 seconds in order to improve the service and related vulnerability detection. This, however, can have a major impact on scan times on port 161 and may not be desirable on networks with l