Posts tagged Product Updates

17 min InsightIDR

Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide

Follow this step-by-step walkthrough to use NXLog to transform an ingress authentication log into UEF.

2 min InsightIDR

Universal Event Formats Q&A: Apply User Behavior Analytics to More of Your Data

Rapid7 is proud to announce a new way to collect log data: Universal Event Formats. Here is a quick Q&A to give you the lowdown.

5 min InsightAppSec

New Features: Rapid7 Launches Public API For InsightAppSec

Rapid7 is pleased to announce the newest addition to your application security toolkit on the Rapid7 Insight platform: the public API in our DAST solution, InsightAppSec.

4 min InsightVM

Automate to Accelerate: Introducing Security Orchestration and Automation on the Rapid7 Insight Platform

Rapid7 is proud to officially announce orchestration and automation on our Insight platform, with automation taking shape in a number of existing products and our new SOAR offering, Rapid7 InsightConnect.

3 min Azure

Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform

Today, we announced [https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/] continued, more comprehensive development of the integration between the Rapid7 Insight platform [https://www.rapid7.com/products/insight-platform/] and Microsoft Azure. A new integration with Azure Security Center makes it easy to deploy the Rapid7 unified Insight Agent across new and existing Azure Virtual Machines. This automated deployment enables InsightVM customers to maintain consta

16 min Metasploit

Don't Get Blindsided: Better Visibility Into User and Asset Risks with Metasploit 4.8

Not having visibility can be dangerous in many situations. The new Metasploit 4.8 gives you better visibility in four key areas: * View phishing exposure in the context of the overall user risk * See which vulnerabilities pose the biggest risk to your organization * Have all host information at your fingertips when doing a pentest * Discover the latest risks on your network with new exploits and other modules See Phishing Exposure as One Factor of User Risk Users are often a weak part of t

3 min Product Updates

Weekly Update

Disclosures for SuperMicro IPMI On the heels of last week's bundle of FOSS disclosures [/2013/10/30/seven-foss-disclosures-part-one], we've gone a totally different direction this week with a new round of disclosures. Today, we're concentrating on a single vendor which ships firmware for Baseboard Management Controllers (BMCs): Supermicro, and their Supermicro IPMI firmware. You can read up on the details on HD's blog post [/2013/11/06/supermicro-ipmi-firmware-vulnerabilities] which covers the

4 min Product Updates

Weekly Update: Exploiting (Kind of) Popular FOSS Apps

Disclosure for FOSS Projects Earlier today, we published seven modules for newly disclosed vulnerabilities [/2013/10/30/seven-foss-disclosures-part-one] that target seven free and open source (FOSS) projects, all discovered and written by long time Metasploit contributor Brandon Perry [https://twitter.com/brandonprry]. These vulnerabilies moved through Rapid7's usual disclosure process [https://rapid7.com/disclosure.jsp], and as you can read in the summary blog post, it was a little bit of an ad

4 min Product Updates

Weekly Update: Meterpreter Updates, VMWare, the OSX spycam, Retabbing, and more!

Meterpreter Updates This is a big week for Meterpreter. For starters, we've landed a new Meterpreter Python payload [https://github.com/rapid7/metasploit-framework/blob/master/modules/payloads/stages/python/meterpreter.rb] . Yes, yes, I know, you thought that Metasploit was all Ruby all the time, but this and the Python payloads for bind shells from Spencer McIntyre [https://github.com/zeroSteiner] should help out on advancing the state of Meterpreter by leaps and bounds. Despite Metasploit's m

3 min Product Updates

Weekly Update: Apple OSX Privilege Escalation

Sudo password bypass on OSX This week's update includes a nifty local exploit for OSX, the sudo bug described in CVE-2013-1775. We don't have nearly enough of these Apple desktop exploits, and it's always useful to disabuse the Apple-based cool-kids web app developer crowd of the notion that their computing platform of choice is bulletproof. Joe Vennix [https://github.com/jvennix-r7], the principle author of this module, is, in fact, of that very same Apple-based developer crowd, and usually bu

3 min Product Updates

Weekly Update: Cooperative Disclosure and Assessing Joomla

Cooperative Disclosure I'm in attendance this year at Rapid7's UNITED Security Summit [http://www.unitedsummit.org/], and the conversations I'm finding myself in are tending to revolve around vulnerability disclosure. While Metasploit doesn't traffic in zero-day vulnerabilities every day, it happens often enough that we have a disclosure policy [https://rapid7.com/disclosure.jsp] that we stick to when we get a hold of newly uncovered vulnerabilities. What's not talked about in that disclosure p

3 min Product Updates

Weekly Update: Metasploit Pro on Chromebook, Galaxy Tab, and a Batch of New ZDI Exploits

Vegas Time! Like the rest of the information security industry, we're buttoning down for the annual pilgramage to Vegas next week. This means collecting up all our new community-sourced swag [/2013/07/16/metasploit-design-contest-winners], finishing up training and presentation material, figuring out what the heck to do with our phones to avoid casual ownage, and test driving our new Chromebook builds of Metasploit Pro. They're pretty sweet. The latest update for ARM-arch Kali should run withou

3 min Metasploit

Metasploit Update: Those Sneaky IPMI Devices

IPMI, in my network? This week's update features a set of tools for auditing your IPMI infrastructure. "Phew, I'm glad I'm not one of those suckers," you might be thinking to yourself. Well, the thing about IPMI (aka, the Intelligent Platform Management Interface) is that it's just a skootch more esoteric than most protocols, and even experienced server administrators may not be aware of it. Do you use server hardware from IBM, Dell, or HP? Have you ever had to use IBM's Remote Supervisor adapte

2 min Metasploit

Metasploit Update: Weaponizing Local Exploits

Weaponizing Local Exploits This week's update features an exploit for Tavis @taviso [https://twitter.com/tavsio] Ormandy's vulnerability in the EPATHOBJ::pprFlattenRec [http://seclists.org/fulldisclosure/2013/May/91] function, which lives in win32k.sys on pretty much any Windows machine you're likely to run into. A whole lot of people threw in on this module to make this exploit reliable in Metasploit -- Tavis and progmboy wrote the original C exploit, new contributor @Keebie4e [https://github

2 min Product Updates

Weekly Update: Smaller is Better

In this week's episode, the role of Tod Beardsley will be played by egypt. Smaller is better Perhaps the most prominent addition to the framework this week is not an addition at all, but rather a deletion. We've been working toward a slimmer, more manageable source tree for a while now, and as part of that effort, we recently removed a pile of old-and-busted unit tests. This update goes a bit further, moving source code for some compiled payloads into seperate repositories. Metasploit's version