5 min
Metasploit
Pentesting in the Real World: Gathering the Right Intel
This is the first in a series of blog topics by penetration testers, for
penetration testers, highlighting some of the advanced pentesting techniques
they'll be teaching in our new Network Assault and Application Assault
certifications, opening for registration this week. For more information, check
out the training page at
www.rapid7.com/services/training-certification/penetration-testing-training.jsp
[http://www.rapid7.com/services/training-certification/penetration-testing-training.jsp]
So
2 min
Nexpose
Better, Faster, Stronger: Nexpose Scan Times improved by over 10x!
In any vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management.jsp] program,
defenders are always racing against time to identify new exposures and get the
latest data. The recent Nexpose Now release made this easier than ever in
Nexpose, but active scans will always remain important. Over the past quarter,
we've made major strides in improving our scan engine performance so that
customers can get the data and the fixes they need fast enough to keep up with
the bad gu
2 min
Nexpose
Patch Tuesday, July 2016
July [https://technet.microsoft.com/en-us/library/security/ms16-jul.aspx]
continues an on-going trend with Microsoft's products where the majority of
bulletins (6) address remote code execution (RCE) followed by information
disclosure (2), security feature bypass (2) and elevation of privilege (1). All
of this month's 'critical' bulletins are remote code execution vulnerabilities,
affecting a variety of products and platforms including Edge, Internet Explorer,
Microsoft Office, Office Services
2 min
Nexpose
Getting More Out of Nexpose Policy Reports
Auditing your systems for compliance with secure configuration policies like
CIS, DISA STIGs, and USBCG is an important part of any effective security
program, not to mention a requirement for many industry and regulatory
compliances like PCI, DSS, and FISMA. With Nexpose, you can automate this
assessment using our Policy Manager feature.
Back in March we launched two brand new policy report templates, Policy Rule
Breakdown Summary and Top Policy Remediations, to help organizations understand
h
2 min
Nexpose
Vulnerability Regression Monitoring With Nexpose
Recently I've been diving into some advanced
[/2016/05/26/impact-driven-risk-analysis] and targeted
[/2016/05/31/targeted-analysis-default-accounts] analysis features. Today I'd
like to keep things simple while still addressing a significant use case -
Vulnerability Regression. Often times the immediate response to high visibility
vulnerabilities does not involve setting up future monitoring, leaving the door
open for the same vulnerabilities to show back up time and again.
[RELATED: Vulnerabi
2 min
Nexpose
Update Tuesday, June 2016
June continues an on-going trend with Microsoft's products where the majority of
bulletins (7) address remote code execution (RCE) with elevation of privilege as
a close second (6); the three address information disclosure (2) and denial of
service. All critical bulletins are remote code execution vulnerabilities
affecting a variety of products and platforms including Edge, Internet Explorer,
Microsoft Office, Office Services and Web Apps as well as Windows (client and
server). However, this mon
6 min
Vulnerability Management
Vulnerability Management Needs To Stop Slowing Security Improvement
Incremental improvement is great. Nothing, especially in the world of software,
is perfect when first released to the market, so iterative improvement is an
expectation every customer must have. But problems begin to arise for users when
incremental improvement becomes the accepted norm for long periods of time. Many
experts in the vulnerability management market believe that is what's happened
in the industry: vendors continuously spit out minimal, albeit important,
updates such as a new report
3 min
Nexpose
Nexpose Now: Because Security Doesn't Wait
Attackers don't wait for your schedule, in fact, they try and take advantage of
your ‘windows of wait' when you're biding your time waiting for a scan. Just
think of your typical Patch Tuesday, when you walk in on Wednesday your
vulnerability management solution has all the checks, but then you wait for that
next scan. You wait for data to be recollected, assessed, and then hopefully
served up in a way that is intuitive and describes exactly what you need to do,
and when. At that point the work
5 min
Nexpose
Focusing on Default Accounts - Targeted Analysis With Nexpose
In my last blog post I went in depth on Impact Driven Analysis and Response
[/2016/05/26/impact-driven-risk-analysis], an often-overlooked but very handy
analysis option in Nexpose. Today I'd like to talk about another great option
for analysis - filtering assets based on their discovered vulnerabilities by
Vulnerability Category. We will use Filtered Asset search to take a focused look
at a specific category: Default Account findings.
Default accounts are high significance findings with low e
4 min
Nexpose
Impact Driven Risk Analysis and Response With Nexpose
Today I'd like to highlight an often overlooked but very handy analysis option
in Nexpose - filtering assets based on their discovered vulnerability CVSS
Impact Metrics (Confidentiality, Integrity, Availability).
We will use RealContext tags and Filtered Asset Search to answer the following
questions:
* Are there any Availability Impact findings on High Availability systems? (
i.e. web servers, authentication servers)
* Are there any Confidentiality Impact findings on systems with Highly
2 min
Nexpose
Patch Tuesday, May 2016
May continues a long-running trend with Microsoft where the majority of
bulletins (10) address remote code execution (RCE) vulnerabilities; the
remaining address elevation of privilege (2), information disclosure (2) and
security feature bypass. All critical bulletins are remote code execution issues
affecting a variety of products and platforms including Adobe Flash Player,
Edge, Internet Explorer, .NET Framework, Office, Office Services and Web Apps
and Windows (client and server).
Looking b
1 min
Incident Detection
Redner's Markets Selects Nexpose & InsightUBA for Compliance and Incident Detection
With breaches making regular headlines, security teams are under more scrutiny
than ever before. This is especially true in retail, where strong security
practices are paramount to protecting customer and organizational data. PCI DSS
compliance is a key component of any retail organization's security program. As
a level 2 merchant, Redner's Markets [http://www.rednersmarkets.com/] must
conduct regular vulnerability scans, collect logs, and review them daily.
“Compliance was what began our rel
2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple, get customers content to their consoles
faster without disrupting their workflow and currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
2 min
Nexpose
Adaptive Security: Rapid7 Critical Vulnerability Category
Starting this week, we have added a new vulnerability category: Rapid7 Critical.
When we examine a typical vulnerability, each vulnerability comes with various
pieces of information such as CVE id, CVSS score, and others. These pieces of
information can be very handy especially when you set up Automated Actions in
Nexpose. Here is an example:
As you can see the example on the right, this trigger will initiate a scan
action if there is a new coverage available that meets the criteria of CVSS
2 min
Nexpose
Update Tuesday, April 2016
April continues a long-running trend with Microsoft where the majority of
bulletins (9) address remote code execution (RCE) vulnerabilities; the remaining
address elevation of privilege (2), security feature bypass and denial of
service (DOS). All critical bulletins are remote code execution issues affecting
a variety of products and platforms including Adobe Flash Player, Edge, Internet
Explorer, .NET Framework, Office, Office Services and Web Apps, Skype for
Business, Lync and Windows (client