194 matches found
Announcing Microsoft Azure Asset Discovery in InsightVM
Almost every security or IT practitioner is familiar with the ascent and continued dominance of Amazon Web Services AWS. But you only need to peel back a layer or two to find Microsoft Azure growing its own market share and establishing its position as the most-used, most-likely-to-renew public...
Wanna see WannaCry vulns in Splunk?
Do you want to see your WannaCry vulns all in one dashboard in Splunk? We've got you covered. Before you start, make sure you have these two apps installed in your Splunk App: Rapid7 Nexpose Technology Add-On for Splunk Rapid7 Nexpose for Splunk Steps 1. Follow the directions in this blog post to...
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
Update 5/18/17: EternalBlue exploit used in WannaCry attack is now available in Metasploit for testing your compensating controls and validating remediations. More info: EternalBlue: Metasploit Module for MS17-010. Also removed steps 5 and 6 from scan instructions as they were not strictly...
Better Credential Management for Better Vulnerability Results
Often the first time the security team knows that credentials have expired is when their scans start to return dramatically fewer vulnerabilities. We all know getting credentialed access yields the best results for visibility. Yet, maintaining access can be difficult. Asset owners change...
InsightVM/Nexpose Patch Tuesday Reporting
Many of our customers wish to report specifically on Microsoft patch related vulnerabilities. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects...
Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose
Just when youd finished wiping away your WannaCry tears, the interwebs dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494 no snazzy name as of the publishing of this blog, but hopefully something with a Lion King reference will be created soon. As with WannaCry, we wanted to ke...
Modern Network Coverage and Container Security in InsightVM
For a long time, the concept of "infrastructure" remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees tremendous leeway i...
CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key
Today, Rapid7 is notifying Nexpose and InsightVM users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. ...
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
Today, security teams are starting their work week with a scramble to remediate MS17-010, in order to prevent the associated ransomware attack, WannaCry, also known as Wanna Decryptor, WNCRY, and Wanna Decryptor 2.0 how I miss the halcyon days when vulnerabilities had gentle names like Poodle. Wi...
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
Today, security teams are starting their work week with a scramble to remediate MS17-010, in order to prevent the associated ransomware attack, WannaCry, also known as Wanna Decryptor, WNCRY, and Wanna Decryptor 2.0 how I miss the halcyon days when vulnerabilities had gentle names like Poodle. Wi...
Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story
Integrating InsightVM or Nexpose Rapid7's vulnerability management solutions with Metasploit our penetration testing solution is a lot like Cupid playing "matchmaker" with vulnerabilities and exploit modules. When a vulnerability scan is imported into Metasploit, many things happen under the hood...
Simple Vulnerability Remediation Collaboration with InsightVM
Many security groups today use ticketing systems that were originally designed for IT or developers, and are usually ill-suited to their vulnerability management needs. Even more commonly, teams simply rely on spreadsheets and unwieldy reports. On the other end of the spectrum, some security team...
Actionable Vulnerability Remediation Projects in InsightVM
Security practitioners and the remediating teams they collaborate with are increasingly asked to do more with less. They simply cannot remediate everything; it has never been more important to prioritize and drive remediations from start to finish. The Remediation Workflow capability in InsightVM...
InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)
In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics UBA and endpoint detection. Soon we started to roll...