Lucene search
K

194 matches found

rapid7community
rapid7community
added 2017/06/20 3:15 a.m.237 views

Announcing Microsoft Azure Asset Discovery in InsightVM

Almost every security or IT practitioner is familiar with the ascent and continued dominance of Amazon Web Services AWS. But you only need to peel back a layer or two to find Microsoft Azure growing its own market share and establishing its position as the most-used, most-likely-to-renew public...

7AI score
Exploits0
rapid7community
rapid7community
added 2017/06/16 2:51 p.m.36 views

Wanna see WannaCry vulns in Splunk?

Do you want to see your WannaCry vulns all in one dashboard in Splunk? We've got you covered. Before you start, make sure you have these two apps installed in your Splunk App: Rapid7 Nexpose Technology Add-On for Splunk Rapid7 Nexpose for Splunk Steps 1. Follow the directions in this blog post to...

6.8AI score
Exploits0
rapid7community
rapid7community
added 2017/06/07 2:57 p.m.380 views

Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose

Update 5/18/17: EternalBlue exploit used in WannaCry attack is now available in Metasploit for testing your compensating controls and validating remediations. More info: EternalBlue: Metasploit Module for MS17-010. Also removed steps 5 and 6 from scan instructions as they were not strictly...

9.3CVSS8AI score0.99693EPSS
Exploits97
rapid7community
rapid7community
added 2017/06/06 5:7 p.m.23 views

Better Credential Management for Better Vulnerability Results

Often the first time the security team knows that credentials have expired is when their scans start to return dramatically fewer vulnerabilities. We all know getting credentialed access yields the best results for visibility. Yet, maintaining access can be difficult. Asset owners change...

6.7AI score
Exploits0
rapid7community
rapid7community
added 2017/05/30 2:46 p.m.1363 views

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch related vulnerabilities. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects...

9.3CVSS7.2AI score0.99373EPSS
Exploits18
rapid7community
rapid7community
added 2017/05/25 9:22 p.m.431 views

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

Just when youd finished wiping away your WannaCry tears, the interwebs dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494 no snazzy name as of the publishing of this blog, but hopefully something with a Lion King reference will be created soon. As with WannaCry, we wanted to ke...

10CVSS9.6AI score0.99448EPSS
Exploits24
rapid7community
rapid7community
added 2017/05/24 2:9 p.m.15 views

Modern Network Coverage and Container Security in InsightVM

For a long time, the concept of "infrastructure" remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees tremendous leeway i...

6.8AI score
Exploits0
rapid7community
rapid7community
added 2017/05/17 9:31 p.m.47 views

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose and InsightVM users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. ...

7.4AI score0.00376EPSS
Exploits0
rapid7community
rapid7community
added 2017/05/16 5:51 p.m.325 views

Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose

Today, security teams are starting their work week with a scramble to remediate MS17-010, in order to prevent the associated ransomware attack, WannaCry, also known as Wanna Decryptor, WNCRY, and Wanna Decryptor 2.0 how I miss the halcyon days when vulnerabilities had gentle names like Poodle. Wi...

9.3CVSS7.5AI score0.99693EPSS
Exploits97
rapid7community
rapid7community
added 2017/05/15 6:25 p.m.388 views

Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose

Today, security teams are starting their work week with a scramble to remediate MS17-010, in order to prevent the associated ransomware attack, WannaCry, also known as Wanna Decryptor, WNCRY, and Wanna Decryptor 2.0 how I miss the halcyon days when vulnerabilities had gentle names like Poodle. Wi...

9.3CVSS7.5AI score0.99693EPSS
Exploits94
rapid7community
rapid7community
added 2017/05/15 3:1 p.m.40 views

Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story

Integrating InsightVM or Nexpose Rapid7's vulnerability management solutions with Metasploit our penetration testing solution is a lot like Cupid playing "matchmaker" with vulnerabilities and exploit modules. When a vulnerability scan is imported into Metasploit, many things happen under the hood...

6.8AI score
Exploits0
rapid7community
rapid7community
added 2017/05/08 1:47 p.m.48 views

Simple Vulnerability Remediation Collaboration with InsightVM

Many security groups today use ticketing systems that were originally designed for IT or developers, and are usually ill-suited to their vulnerability management needs. Even more commonly, teams simply rely on spreadsheets and unwieldy reports. On the other end of the spectrum, some security team...

6.8AI score
Exploits0
rapid7community
rapid7community
added 2017/04/24 4:2 a.m.29 views

Actionable Vulnerability Remediation Projects in InsightVM

Security practitioners and the remediating teams they collaborate with are increasingly asked to do more with less. They simply cannot remediate everything; it has never been more important to prioritize and drive remediations from start to finish. The Remediation Workflow capability in InsightVM...

6.9AI score
Exploits0
rapid7community
rapid7community
added 2017/04/11 4:19 p.m.64 views

InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)

In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics UBA and endpoint detection. Soon we started to roll...

6.7AI score
Exploits0
Rows per page
Query Builder