Posts by Ken Mizota

4 min InsightVM

A RESTful API for InsightVM

With 2017 firmly in the rear-view mirror, we peer forward into 2018 and thanks to genre-bending vulnerabilities like Meltdown and Spectre [/2018/01/04/meltdown-and-spectre-what-you-need-to-know-cve-2017-5715-cve-2017-5753-cve-2017-5754/] the future would seem a bit blurry. Louis Pasteur [https://en.wikiquote.org/wiki/Louis_Pasteur] is attributed with the quote: “Chance favors the prepared mind.” Pasteur’s work precedes information security as we know it today by a century, but as an individu

3 min InsightVM

Vulnerability Management Year in Review, Part 1: Collect

Sometimes, it seems change is the only permanent thing in information security. To help deal with change on your terms, we set out to help maintain visibility to your environment as it is presented to you. How? By efficiently collecting vulnerability data at scale.

4 min Ransomware

Petya-like ransomworm: Leveraging InsightVM and Nexpose for visibility into MS17-010

A Petya-like ransomworm struck on June 27th 2017 and spread throughout the day, affecting organizations in several European countries and the US. It is believed that the ransomworm may achieve its initial infection via a malicious document attached to a phishing email, and that it then leverages the EternalBlue [https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue] and DoublePulsar [https://www.rapid7.com/security-response/doublepulsar/] exploits to spread laterally. Once in

4 min Microsoft

Announcing Microsoft Azure Asset Discovery in InsightVM

Almost every security or IT practitioner is familiar with the ascent and continued dominance [https://techcrunch.com/2017/02/02/aws-still-owns-the-cloud/] of Amazon Web Services (AWS). But you only need to peel back a layer or two to find Microsoft Azure growing its own market share [https://seekingalpha.com/article/4053217-microsoft-azure-growing-presence-cloud] and establishing its position as the most-used, most-likely-to-renew [https://www.forbes.com/sites/louiscolumbus/2017/05/28/how-aws-

2 min Vulnerability Management

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose [https://www.rapid7.com/products/nexpose/] and InsightVM [https://www.rapid7.com/products/insightvm/] users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. If you are a Rapid7 customer who has any questions about this issue, please don't hesitate to contact your custome

4 min InsightVM

Discovery of assets in Active Directory

Many security teams work in a world that they can't fully see, let alone control. It can be difficult to know how to make meaningful progress in your vulnerability management program [https://www.rapid7.com/solutions/vulnerability-management/] when simply maintaining visibility can be a struggle. One way to get some leverage is to make wise use of asset discovery. If you are able to tap into repositories or sources of assets, you stand a better chance of gaining and maintaining visibility. Ove

2 min Endpoint Security

Live Vulnerability Monitoring with Agents for Linux

A few months ago, I shared news of the release of the macOS Insight Agent. Today, I'm pleased to announce the availability of the Linux Agent within Rapid7's vulnerability management solutions [https://www.rapid7.com/solutions/vulnerability-management/]. The arrival of the Linux Agent completes the trilogy that Windows and macOS began in late 2016. For Rapid7 customers, all that really matters is you've got new capabilities to add to your kit. Introducing Linux Agents Take advantage of the

3 min Nexpose

macOS Agent in Nexpose Now

As we look back on a super 2016, it would be easy to rest on one's laurels and wax poetic on the halcyon days of the past year. But at Rapid7 the winter holidays are no excuse for slowing down: The macOS Rapid7 Insight Agent is now available within Nexpose Now. Live Monitoring for macOS Earlier this year, we introduced Live Monitoring for Endpoints with the release of a Windows agent for use with Nexpose Now. The feedback from the Community has been great (and lively!) and now we're back with a

3 min

Nexpose Now Notes: August 2016

We build Nexpose to help security practitioners get from find to fix faster. With the launch of Nexpose Now [/2016/06/07/nexpose-now-because-security-doesnt-wait], Rapid7 delivered Liveboards [https://information.rapid7.com/nexpose-now-release-webcast-6.14.html] to help you know what's weak in your world right now. Liveboards combine your live threat exposure data, powerful analytics and intuitive querying so you can spend less time compiling data, and more time improving your security program.