Posts tagged Nexpose

2 min Nexpose

Update Tuesday, December 2015

December continues this quarter's trend, 10 bulletins addressing remote code execution (RCE) vulnerabilities, while the remaining two address elevation of privilege. The vulnerabilities affect Internet Explorer (7 and onwards), Edge, Office, Silverlight, VBScript scripting engine and Windows (Vista and onwards). It is advisable for users and administrators to patch the affected platforms. Microsoft released 12 security bulletins this month, two thirds of them rates as critical, resolving a tot

4 min Vulnerability Management

How Adaptive Security fits into your Vulnerability Management Program

Building an Application Vulnerability Management Program, found in the SANS Institute Reading Room ( https://www.sans.org/reading-room/whitepapers/application/building-application-v ulnerability-management-program-35297), identifies vulnerability program management as a cyclical process involving the following steps: * Policy * Discovery and Baseline * Prioritization * Shielding and Mitigation * Eliminating the Root Cause * Monitoring While the use of Nexpose applies to several of these

2 min Nexpose

Changes to OVAL in Nexpose 6.0.6

Rapid7 has made it a priority to support security industry standards, including the Open Vulnerability and Assessment Language (OVAL).  Those of you who use Nexpose to measure policy compliance, either by using the built-in CIS, DISA, and USGCB policies, or by writing your own custom policies, are using OVAL for these policies. A decision by the National Institute of Standards and Technology (NIST) has made it necessary for us to make changes in our OVAL implementation.  These changes affect po

2 min Nexpose

Update Tuesday, November 2015

November sees a mix of remote code execution and elevation of privilege vulnerabilities enabling an attacker to gain the same rights as the user when the victim opens specially crafted content, such as a webpage, journal file or document containing embedded fonts. These vulnerabilities affect Internet Explorer (7 and onwards), Edge, and Windows (Vista and onwards).  It is advisable for users and administrators to patch the affected platforms. Microsoft includes 12 security bulletins, a third of

1 min Nexpose

Increasing Risk Visibility

We at Rapid7 are committed to providing our customers with the best, most accurate vulnerability detection and remediation information. To better serve you, starting October 28th, 2015, Rapid7 will begin generating content for Nexpose in a way that will provide greater visibility into risk. This change will start with content generated for Adobe, Debian and Ubuntu and eventually all supported platforms will transition to this approach. For the end user the benefit is more accurate representation

3 min Nexpose

UserInsight Integrates with Nexpose for Total User and Asset Security Visibility

Rapid7's Vulnerability Management and User Behavior Analytics solutions [https://www.rapid7.com/products/userinsight/user-behavior-analytics-user-activity-monitoring.jsp] , Nexpose and UserInsight, now integrate to provide visibility and security detection across assets and the users behind them. Combining the pair provides massive time savings and simplifies incident investigations by highlighting risk across your network ecosystem without writing queries or digging through logs. Related Resou

3 min Nexpose

Nexpose 6.0: Using Adaptive Security

Overview Adaptive Security is a new feature released in Nexpose 6.0 that dynamically collects and analyzes the important network changes with minimal configuration needed from the user. This new feature allows you to create workflows called automated actions that can respond to various behaviors occurring in your environment automatically. For further explanation, please feel free to read Adaptive Security Overview. [/2015/10/02/adaptive-security-overview] Triggers and Actions Currently Adapti

3 min Nexpose

Rapid7 joins Cisco ISE Ecosystem for Endpoint Vulnerability & Threat Defense

I was pretty excited when Cisco came to Rapid7 last year and offered for us to be one of their launch partners for their Identity Services Engine (ISE) Ecosystem. Flash forward one year, and the public unveiling of Rapid7 joining the ISE partner ecosystem was announced earlier this week at Cisco Live [http://www.ciscolive.com/us/?zid=globalbox] in San Diego, California. If you are not familiar with Cisco Live, it's a massive conference that attracts more than 26,000 attendees who fly into bea

4 min User Experience

Nexpose 6.0: New and Improved User Experience

Introduction My name is JF Boisvert - Nexpose Senior UX Architect. In this role, I see opportunities everyday to improve our user flows, visual design, and customer usage. I am excited to share with you valuable insights into the Nexpose 6 product development process, and how we are making a better, more usable product. Process With Nexpose 6, we are laying a new foundation which will percolate across all of our product line to eventually unify the look, experience, and interactions our custom

2 min Nexpose

Aiming at critical moving targets: Advanced Nexpose scanning

One of the exciting but challenging aspects of working in the security industry is how quickly things change. You have to protect critical data while physical and virtual devices are coming on and offline, and new threats are announced on a regular basis. Advanced features in Nexpose are designed to help you respond to these complicated situations. The ability to scan dynamic assets allows you to keep on top of your network even when addresses may be in flux. By scheduling scans, you can use

1 min Nexpose

The Easy Button for Updating your Nexpose Database

Relax while Nexpose does the work for you You may have received notifications that you need to update your Nexpose database soon in order to continue receiving product updates. You may have been putting it off because it sounds like a pain. Good news: it's simple! Have you seen the Staples commercials with the “easy button?” Nexpose basically has that for the update. You don't have to go in to your database and mess around with an upgrade wizard. Nexpose handles all that for you. All you ha

1 min Nexpose

Nexpose Coverage Toolkit Update

A couple of weeks back I told you all about the new capability to add custom protocol support in Nexpose. [/2015/06/30/introducing-the-nexpose-coverage-toolkit]At first we had opened the github repo [https://github.com/rapid7/coverage-toolkit] up as invitation only.  I'm excited to tell you that since then we've expanded the testability, added more protocols, and as of last week we opened it to the public. One of the best things about improving protocol detection is increased scan speed.  Gett

4 min Nexpose

Not stuck in the middle: How to dynamically find assets with vulnerable versions of OpenSSL

On July 9, 2015, the OpenSSL team has announced a vulnerability in specific versions of OpenSSL 1.0.1 and 1.0.2. This vulnerability is listed as “high severity” because it can fail to correctly validate that a certificate presented is issued by a trusted Certificate Authority, leaving systems vulnerable to man-in-the-middle (MITM) attacks. To learn more, see Tod Beardsley's blog post at /2015/07/09/cve-2015-1793-ope nssl-certificate-authority-impersonation [/2015/07/09/cve-2015-1793-openssl-cert

3 min Nexpose

New and improved asset tracking in Nexpose

As of Nexpose 5.13, Nexpose makes it easier for you to gain an asset centric-view of your environment, which will help you with tracking and reporting. An asset is a single device on a network that the application discovers during a scan.  As you may have noticed, Nexpose 5.13 included new functionality: you can now scan asset groups [https://community.rapid7.com/Rapid7_BlogPostDetail?id=a111400000AapXqAAJ]. An asset group is a logical collection of managed assets. Nexpose enables you to config

2 min Nexpose

Why and how to make sure your scan credentials are configured correctly

Recently in Computerworld, a security manager reported on a frightening realization about the user account he was using in his unnamed vulnerability scanner. > The product I use relies on a user account to connect to our Microsoft Windows servers and workstations to check them for vulnerable versions of software, and that user account had never been configured properly. As a result, the scanner has been blind to a lot of vulnerabilities. For more details, see http://www.computerworld.com/art