Nexpose
Optimizing Adaptive Security: New and Known Assets
Since I started working on Rapid7's Information Security team, I've had
firsthand experience with what is arguably the hardest part of vulnerability
management: Creating and updating a complete inventory of your assets and their
vulnerabilities. While you'll never be able to achieve perfection in this
regard, Adaptive Security in Nexpose
[https://www.rapid7.com/products/nexpose/nx6.jsp] makes it significantly easier
for InfoSec teams to improve their current vulnerability management program with
Nexpose
New Policy Reports in Nexpose
With Nexpose, you can assess your network for secure configurations at the same
time as vulnerabilities, giving you a unified view of your risk and compliance
posture. The latest version of Nexpose focuses on making it easier to understand
how well you're doing and the actions to take to improve overall compliance.
Starting with Nexpose 6.2.0, users now have access to two brand new policy
reports that help you take control of your compliance program and focus on what
is important.
The first r
Nexpose
MVM Migration to Nexpose - Toolkit
As most, if not all, current Intel Security customers are aware, Intel has
announced the End-of-Life of the McAfee Vulnerability Manager, a.k.a. MVM. Coupled
with that announcement, Intel also announced it has partnered with Rapid7 and is
recommending that current and future Intel Security customers leverage
Rapid7's Nexpose to fill their vulnerability and threat exposure management
needs.
To aid in the transition from MVM to Nexpose, Rapid7 has developed a Migration
Toolkit. The Toolkit conta
Nexpose
How to use Nexpose to find all assets affected by DROWN
Introduction
DROWN is a cross-protocol attack against OpenSSL. The attack uses export cipher
suites and SSLv2 to decrypt TLS sessions. SSLv2 was developed by Netscape and
released in February 1995. Due to it containing a number of security flaws, the
protocol was completely redesigned and SSLv3 was released in 1996. Even though
SSLv2 was declared obsolete over 20 years ago, there are still servers
supporting the protocol. What's both fascinating and devastating about the DROWN
attack is that se
Nexpose
Nexpose OS Fingerprinting Feedback
Have you ever run a Nexpose scan and had the wrong operating system identified
for an asset? Perhaps the incorrect TCP/IP stack fingerprint was used, or you
scanned an embedded device we haven't seen before. The March 9th release of
Nexpose (6.1.14) has a new feature that allows you to easily report such
fingerprinting errors to Rapid7 and helps us to improve fingerprinting accuracy.
No need to open a support ticket!
A new feedback button (circled below), available on the Asset detail page next
to
Nexpose
Update Tuesday, March 2016
March continues this quarter's trend with the majority of bulletins (8)
addressing remote code execution (RCE) vulnerabilities; the remaining address
elevation of privilege (4) and security feature bypass. All of the critical
bulletins are remote code execution issues affecting a variety of products and
platforms including Edge, Internet Explorer, Office, Office for Mac, Office Web
Apps, SharePoint and releases of Microsoft Windows (Client and Server).
This month Microsoft resolves 39 vulnerab
Nexpose
Nexpose Receives AWS Certification
Rapid7's Nexpose just became the first Threat Exposure Management solution to
complete AWS' new rigorous pre-authorized scanning certification process!
Normally, a customer must request permission from AWS support to perform
vulnerability scans. This request must be made for each vulnerability scan
engine or penetration testing tool and renewed every 90 days. The new
pre-authorized Nexpose scan engine streamlines the process. When a
pre-authorized scan engine is launched from the AWS Marketplac
AWS
Nexpose Scan Engine on the AWS Marketplace
Update September 2017: For even more enhanced capabilities, check out the AWS
Web Asset Sync Discovery Connection
[/2017/09/14/aws-power-up-tag-import-asset-cleanup-assume-role-ad-hoc-scan/].
Rapid7 is excited to announce that you can now find a Nexpose Scan Engine AMI on
the Amazon Web Services Marketplace, making it simple to deploy a pre-authorized
Nexpose Scan Engine from the AWS Marketplace to scan your AWS assets!
What is an AMI?
An Amazon Machine Image (AMI) allows you to launch a virt
Nexpose
Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value
In today's security ecosystem, there are several technologies/programs that are
considered to be the old dogs. They've been around the block a few times, have
a few gray hairs, and just aren't as sexy anymore. Most companies have had
these technologies for years now, and they typically don't get the headlines
that some of the newer, hotter technologies are getting. Antivirus, Email
Security, Firewalls, and Vulnerability Management are a few of these. It's hard
to compete with big-data-machin
Nexpose
Update Tuesday, February 2016
February continues this quarter's trend with the majority of bulletins (7)
addressing remote code execution (RCE) vulnerabilities; the remaining 6 evenly
address denial of service (DOS) and elevation of privilege. All of the critical
bulletins (MS16-009, MS16-011, MS16-012, MS16-013, MS16-015, MS16-022) are
remote code execution issues affecting a variety of products and platforms
including Edge, Internet Explorer, Office, Office for Mac, Office Web Apps,
SharePoint and releases of Microsoft Windo
Windows
Nexpose Remote Registry Activation for Windows
The Windows Registry is a database which stores all settings for a Windows
system, e.g. hardware, software installed, Windows updates installed and
preferences for users and their applications. During normal day-to-day use, a
standard user will inadvertently push changes into this database when they
update the system, add or remove applications, and so on.
Remote Registry is a Windows service which allows a non-local user to read or
make changes to the registry on your Windows system when they are
Nexpose
Update Tuesday, January 2016
The year's first release contains 9 bulletins: 7 remote code execution (RCE), an
elevation of privilege, and a spoofing vulnerability. The critical bulletins
(MS15-001, MS15-002, MS15-003, MS15-004, MS15-005, MS15-006) are comprised of
remote code execution vulnerabilities affecting a variety of products and
platforms including Edge, Internet Explorer (7 and onwards), Excel Viewer,
Office, SharePoint Server, Silverlight, Word Viewer, VBScripting engine and all
supported releases of Microsoft Window
Nexpose
Nexpose Two Factor Authentication
For organizations that want additional security upon login, Nexpose and the
Rapid7 Nexpose-Client Ruby Gem will support Two Factor Authentication as of the
January 6, 2016 release. Two Factor Authentication requires the use of a
time-based one-time password application such as Google Authenticator.
Two Factor Authentication can only be enabled by a Global Administrator on the
Security Console.
To enable Two Factor Authentication:
1. As a Global Administrator, go to the Administration tab.
2.
Nexpose
Have JBoss, Jenkins, WebLogic, WebSphere based applications? Brace yourself, they've got an unwanted Christmas present for you!
Java based server applications are prevalent throughout most corporate
networks. Thousands, if not millions, of applications are deployed using JBoss,
Jenkins, WebLogic and WebSphere - so when a vulnerability affecting the
underlying technology pops up, the impact can be significant. A vulnerability
was recently discovered affecting any Java application which can receive data
back from users, allowing malicious actors to insert unsafe data as it attempts
to ingest the information. The applica
Nexpose
More TLS Improvements in Nexpose 6.1.2
After releasing TLS Coverage Improvements in Nexpose 6.0.2
[/2015/10/14/tls-coverage-improvements-in-nexpose-602] we figured that the
Nexpose Security Console should be able to abide by our own suggestions. Last
year we had already disabled SSLv3 support by default and allowed configuring
what other protocols are enabled on the console as well. With this week's
release we're limiting the TLS cipher suites available to the console's web
server by default. Similar to the protocols, the cipher suit