In this week’s Feature Friday, Brian O’Neill, Sr. Product Strategist, will show you how to scan for the Java deserialization vulnerability in Nexpose to see where it exists on your network, and then validate that exploitation is possible in Metasploit Pro.
The Java deserialization vulnerability allows remote attackers to execute unknown and unapproved code in a Java application. There are potentially millions of Java applications deployed on the internet that are vulnerable to this attack method. Several very common middleware applications have already been proven to be exploitable, such as JBoss, Oracle WebLogic, Jenkins and WebSphere. Luckily, you can use Nexpose to determine whether your applications are at risk and Metasploit Pro to validate this risk. You can read our blog post providing more details here.
By validating that this vulnerability is exploitable on your network, you are able to prove to your IT team that remediation needs to happen swiftly and demonstrate the real risk associated with it.
If you are interested in scanning for and validating vulnerabilities, download Nexpose and Metasploit.