1 min
Nexpose
New Vulnerability Filtering in Adaptive Security
Nexpose has long provided the ability to filter vulnerabilities by a wide
variety of categories and operators. Starting in Nexpose 6.1, filtering in
new-vulnerability actions in Adaptive Security closely mirrors that of Nexpose.
New vulnerability actions were covered in a recent blog .How Adaptive Security
fits into your Vulnerability Management Program).
[/2015/11/20/how-adaptive-security-fits-into-your-vulnerability-management-program]
Similarity to Nexpose Filtering
The enhanced filters no
1 min
Nexpose
Configuring the SNMP request timeout
The SNMP protocol is very common, has many implementations and is deployed in
diverse networks. In some cases it responds very promptly, in others it is
relatively slow to respond. We found that in some environments a 1 second
request timeout was insufficient, so in Nexpose 6.1.1 we have changed the
default to 3 seconds in order to improve the service and related vulnerability
detection.
This, however, can have a major impact on scan times on port 161 and may not be
desirable on networks with l
2 min
Nexpose
Update Tuesday, December 2015
December continues this quarter's trend, 10 bulletins addressing remote code
execution (RCE) vulnerabilities, while the remaining two address elevation of
privilege. The vulnerabilities affect Internet Explorer (7 and onwards), Edge,
Office, Silverlight, VBScript scripting engine and Windows (Vista and onwards).
It is advisable for users and administrators to patch the affected platforms.
Microsoft released 12 security bulletins this month, two thirds of them rates as
critical, resolving a tot
4 min
Vulnerability Management
How Adaptive Security fits into your Vulnerability Management Program
Building an Application Vulnerability Management Program, found in the SANS
Institute Reading Room (
https://www.sans.org/reading-room/whitepapers/application/building-application-v
ulnerability-management-program-35297), identifies vulnerability program
management as a cyclical process involving the following steps:
* Policy
* Discovery and Baseline
* Prioritization
* Shielding and Mitigation
* Eliminating the Root Cause
* Monitoring
While the use of Nexpose applies to several of these
2 min
Nexpose
Changes to OVAL in Nexpose 6.0.6
Rapid7 has made it a priority to support security industry standards, including
the Open Vulnerability and Assessment Language (OVAL). Those of you who use
Nexpose to measure policy compliance, either by using the built-in CIS, DISA,
and USGCB policies, or by writing your own custom policies, are using OVAL for
these policies.
A decision by the National Institute of Standards and Technology (NIST) has made
it necessary for us to make changes in our OVAL implementation. These changes
affect po
2 min
Nexpose
Update Tuesday, November 2015
November sees a mix of remote code execution and elevation of privilege
vulnerabilities enabling an attacker to gain the same rights as the user when
the victim opens specially crafted content, such as a webpage, journal file or
document containing embedded fonts. These vulnerabilities affect Internet
Explorer (7 and onwards), Edge, and Windows (Vista and onwards). It is
advisable for users and administrators to patch the affected platforms.
Microsoft includes 12 security bulletins, a third of
1 min
Nexpose
Increasing Risk Visibility
We at Rapid7 are committed to providing our customers with the best, most
accurate vulnerability detection and remediation information. To better serve
you, starting October 28th, 2015, Rapid7 will begin generating content for
Nexpose in a way that will provide greater visibility into risk. This change
will start with content generated for Adobe, Debian and Ubuntu and eventually
all supported platforms will transition to this approach. For the end user the
benefit is more accurate representation
3 min
Nexpose
UserInsight Integrates with Nexpose for Total User and Asset Security Visibility
Rapid7's Vulnerability Management and User Behavior Analytics solutions
[https://www.rapid7.com/products/userinsight/user-behavior-analytics-user-activity-monitoring.jsp]
, Nexpose and UserInsight, now integrate to provide visibility and security
detection across assets and the users behind them. Combining the pair provides
massive time savings and simplifies incident investigations by highlighting risk
across your network ecosystem without writing queries or digging through logs.
Related Resou
3 min
Nexpose
Nexpose 6.0: Using Adaptive Security
Overview
Adaptive Security is a new feature released in Nexpose 6.0 that dynamically
collects and analyzes the important network changes with minimal configuration
needed from the user. This new feature allows you to create workflows called
automated actions that can respond to various behaviors occurring in your
environment automatically. For further explanation, please feel free to read
Adaptive Security Overview. [/2015/10/02/adaptive-security-overview]
Triggers and Actions
Currently Adapti
3 min
Nexpose
Rapid7 joins Cisco ISE Ecosystem for Endpoint Vulnerability & Threat Defense
I was pretty excited when Cisco came to Rapid7 last year and offered for us to
be one of their launch partners for their Identity Services Engine (ISE)
Ecosystem. Flash forward one year, and the public unveiling of Rapid7 joining
the ISE partner ecosystem was announced earlier this week at Cisco Live
[http://www.ciscolive.com/us/?zid=globalbox] in San Diego, California.
If you are not familiar with Cisco Live, it's a massive conference that attracts
more than 26,000 attendees who fly into bea
4 min
User Experience
Nexpose 6.0: New and Improved User Experience
Introduction
My name is JF Boisvert - Nexpose Senior UX Architect. In this role, I see
opportunities everyday to improve our user flows, visual design, and customer
usage.
I am excited to share with you valuable insights into the Nexpose 6 product
development process, and how we are making a better, more usable product.
Process
With Nexpose 6, we are laying a new foundation which will percolate across all
of our product line to eventually unify the look, experience, and interactions
our custom
2 min
Nexpose
Aiming at critical moving targets: Advanced Nexpose scanning
One of the exciting but challenging aspects of working in the security industry
is how quickly things change. You have to protect critical data while physical
and virtual devices are coming on and offline, and new threats are announced on
a regular basis.
Advanced features in Nexpose are designed to help you respond to these
complicated situations. The ability to scan dynamic assets allows you to keep on
top of your network even when addresses may be in flux. By scheduling scans, you
can use
1 min
Nexpose
The Easy Button for Updating your Nexpose Database
Relax while Nexpose does the work for you
You may have received notifications that you need to update your Nexpose
database soon in order to continue receiving product updates. You may have been
putting it off because it sounds like a pain.
Good news: it's simple!
Have you seen the Staples commercials with the “easy button?” Nexpose basically
has that for the update. You don't have to go in to your database and mess
around with an upgrade wizard. Nexpose handles all that for you. All you ha
1 min
Nexpose
Nexpose Coverage Toolkit Update
A couple of weeks back I told you all about the new capability to add custom
protocol support in Nexpose.
[/2015/06/30/introducing-the-nexpose-coverage-toolkit]At first we had opened the
github repo [https://github.com/rapid7/coverage-toolkit] up as invitation only.
I'm excited to tell you that since then we've expanded the testability, added
more protocols, and as of last week we opened it to the public.
One of the best things about improving protocol detection is increased scan
speed. Gett
4 min
Nexpose
Not stuck in the middle: How to dynamically find assets with vulnerable versions of OpenSSL
On July 9, 2015, the OpenSSL team has announced a vulnerability in specific
versions of OpenSSL 1.0.1 and 1.0.2. This vulnerability is listed as “high
severity” because it can fail to correctly validate that a certificate presented
is issued by a trusted Certificate Authority, leaving systems vulnerable to
man-in-the-middle (MITM) attacks. To learn more, see Tod Beardsley's blog post
at /2015/07/09/cve-2015-1793-ope nssl-certificate-authority-impersonation
[/2015/07/09/cve-2015-1793-openssl-cert