Posts tagged Nexpose

2 min Vulnerability Management

Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)

InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.

2 min InsightVM

Nmap Service Detection for Nexpose and InsightVM Scan Engines

As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to existing detection methods to improve the discovery of previously unsupported protocols and services.

3 min InsightVM

Implementing Credential Hygiene with CyberArk and InsightVM

Effectively assess your assets with a scan engine while keeping your credentials safe with the integration between CyberArk and InsightVM and Nexpose.

4 min Customer Perspective

Automation in Action: How Carnegie Mellon University Combats Vulnerabilities Using Nexpose

We recently spoke with Brian W. Gray, Information Security Engineer for Carnegie Mellon University, about how he manages vulnerabilities with Rapid7's vulnerability assessment solution, Nexpose.

3 min Nexpose

AWS power-up: Tag import, asset cleanup, AssumeRole, ad-hoc scan

AWS instances present many challenges to security practitioners, who must manage the spikes and dips of resources in infrastructures that deal in very short-lived assets. Better and more accurate syncing of when instances are spun up or down, altered, or terminated directly impacts the quality of security data. A New Discovery Connection Today we’re excited to announce better integration between the Security Console and Amazon Web Services with the new Amazon Web Services Asset Sync discovery c

2 min Vulnerability Management

Apache Struts S2-052 (CVE-2017-9805): What You Need To Know

Apache Struts, Again? What’s Going On? Yesterday’s Apache Struts vulnerability announcement [https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/] describes an XML Deserialization issue in the popular Java framework for web applications. Deserialization of untrusted user input, also known as CWE-502 [https://cwe.mitre.org/data/definitions/502.html], is a somewhat well-known vulnerability pattern, and I would expect crimeware kits to

4 min Nexpose

Vulnerability Management Market Disruptors

Gartner’s recent vulnerability management report [https://www.gartner.com/doc/3775765] provides a wealth of insight into vulnerability management (VM) tools and advice for how to build effective VM programs. Although VM tools and capabilities have changed since the report’s last iteration in 2015, interestingly one thing hasn’t: Gartner’s analysis of potential disruptors to VM tools and practices. Great minds think alike, as we’ve been heavily investing in these areas to help our customers over

4 min Nexpose

R7-2017-13 | CVE-2017-5243: Nexpose Hardware Appliance SSH Enabled Obsolete Algorithms

Summary Nexpose [http://www.rapid7.com/products/nexpose] physical appliances shipped with an SSH configuration that allowed obsolete algorithms to be used for key exchange and other functions. Because these algorithms are enabled, attacks involving authentication to the hardware appliances are more likely to succeed. We strongly encourage current hardware appliance owners to update their systems to harden their SSH configuration using the steps outlined under “Remediation” below. In addition, Ra

3 min Nexpose

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch related vulnerabilities [https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/]. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects Remediation Projects are a feature included in InsightVM [https://www.rapid7.com/products/insightvm/] that allow you to get a live view

2 min Nexpose

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

Just when you'd finished wiping away your WannaCry [/2017/05/12/wanna-decryptor-wncry-ransomware-explained] tears, the interwebs dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494 [https://www.rapid7.com/db/vulnerabilities/samba-cve-2017-7494] (no snazzy name as of the publishing of this blog, but hopefully something with a Lion King reference will be created soon). As with WannaCry, we wanted to keep this simple. First, check out Jen Ellis's overview of the Samba vulnerabil

1 min Nexpose

WannaCry - Scanning & Reporting

In light of the recent WannaCry Ransomware attacks, I thought it'd be great to share ways of finding out which assets are susceptible to this attack. 1) Create a custom scan template to check for MS17-010 The easiest way to create a Custom template is by making a copy of an existing template Administration -> Templates -> Click: Manage Templates -> Copy: Full audit enhanced logging without Web Spider -> IMPORTANT: Name your copy of the Scan Template -> Click: Vulnerability Checks -> Click: By I

2 min Vulnerability Management

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose [https://www.rapid7.com/products/nexpose/] and InsightVM [https://www.rapid7.com/products/insightvm/] users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. If you are a Rapid7 customer who has any questions about this issue, please don't hesitate to contact your custome

3 min Metasploit

Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story

Integrating InsightVM [https://www.rapid7.com/products/insightvm/] or Nexpose [https://www.rapid7.com/products/nexpose/] (Rapid7's vulnerability management solutions [https://www.rapid7.com/solutions/vulnerability-management/]) with Metasploit [https://www.rapid7.com/products/metasploit/] (our penetration testing solution [https://www.rapid7.com/solutions/penetration-testing/]) is a lot like Cupid playing “matchmaker” with vulnerabilities and exploit modules [https://www.rapid7.com/fundamentals

4 min Vulnerability Management

Vulnerability Management Tips for the Shadow Brokers Leaked Exploits

Rebekah Brown [/author/rebekah-brown] and the Rapid7 team have delivered a spot-on breakdown of the recent Shadow Brokers exploit and tool release. Before you read any further, if you haven't done so already, please read her post [/2017/04/18/the-shadow-brokers-leaked-exploits-faq]. It's probably not the only post you've read on this topic, but it is cogent, well-constructed and worth the 5 minutes. Back with me? With all of the media attention and discussion in the infosec community, it would

5 min Metasploit

The Shadow Brokers Leaked Exploits Explained

The Rapid7 team has been busy evaluating the threats posed by last Friday's Shadow Broker exploit and tool release [https://arstechnica.com/security/2017/04/purported-shadow-brokers-0days-were-in-fact-killed-by-mysterious-patch/] and answering questions from colleagues, customers, and family members about the release. We know that many people have questions about exactly what was released, the threat it poses, and how to respond, so we have decided to compile a list of frequently asked question