4 min
InsightVM
A RESTful API for InsightVM
With 2017 firmly in the rear-view mirror, we peer forward into 2018 and thanks
to genre-bending vulnerabilities like Meltdown and Spectre
[/2018/01/04/meltdown-and-spectre-what-you-need-to-know-cve-2017-5715-cve-2017-5753-cve-2017-5754/]
the future would seem a bit blurry. Louis Pasteur
[https://en.wikiquote.org/wiki/Louis_Pasteur] is attributed with the quote:
“Chance favors the prepared mind.” Pasteur’s work precedes information security
as we know it today by a century, but as an an individu
3 min
InsightVM
Vulnerability Management Year in Review, Part 1: Collect
Sometimes, it seems change is the only permanent thing in information security. To help deal with change on your terms, we set out to help maintain visibility to your environment as it is presented to you. How? By efficiently collecting vulnerability data at scale.
4 min
Ransomware
Petya-like ransomworm: Leveraging InsightVM and Nexpose for visibility into MS17-010
A Petya-like ransomworm struck on June 27th 2017 and spread throughout the day,
affecting organizations in several European countries and the US. It is believed
that the ransomworm may achieve its initial infection via a malicious document
attached to a phishing email, and that it then leverages the EternalBlue
[https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue]and
DoublePulsar [https://www.rapid7.com/security-response/doublepulsar/]exploits to
spread laterally. Once in
4 min
Microsoft
Announcing Microsoft Azure Asset Discovery in InsightVM
Almost every security or IT practitioner is familiar with the ascent and
continued dominance
[https://techcrunch.com/2017/02/02/aws-still-owns-the-cloud/] of Amazon Web
Services (AWS). But you only need to peel back a layer or two to find Microsoft
Azure growing its own market share
[https://seekingalpha.com/article/4053217-microsoft-azure-growing-presence-cloud]
and establishing its position as the most-used, most-likely-to-renew
[https://www.forbes.com/sites/louiscolumbus/2017/05/28/how-aws-
2 min
Vulnerability Management
CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key
Today, Rapid7 is notifying Nexpose [https://www.rapid7.com/products/nexpose/]
and InsightVM [https://www.rapid7.com/products/insightvm/] users of a
vulnerability that affects certain virtual appliances. While this issue is
relatively low severity, we want to make sure that our customers have all the
information they need to make informed security decisions regarding their
networks. If you are a Rapid7 customer who has any questions about this issue,
please don't hesitate to contact your custome
4 min
InsightVM
Discovery of assets in Active Directory
Many security teams work in a world that they can't fully see, let alone
control. It can be difficult to know how to make meaningful progress in your
vulnerability management program
[https://www.rapid7.com/solutions/vulnerability-management/] when simply
maintaining visibility can be a struggle. One way to get some leverage is to
make wise use of asset discovery. If you are able to tap into repositories or
sources of assets, you stand a better chance of gaining and maintaining
visibility.
Ove
2 min
Endpoint Security
Live Vulnerability Monitoring with Agents for Linux
A few months ago, I shared news of the release of the macOS Insight Agent.
Today, I'm pleased to announce the availability of the the Linux Agent within
Rapid7's vulnerability management solutions
[https://www.rapid7.com/solutions/vulnerability-management/]. The arrival of the
Linux Agent completes the trilogy that Windows and macOS began in late 2016. For
Rapid7 customers, all that really matters is you've got new capabilities to add
to your kit.
Introducing Linux Agents
Take advantage of the
3 min
Nexpose
macOS Agent in Nexpose Now
As we look back on a super 2016, it would be easy to rest on one's laurels and
wax poetic on the halcyon days of the past year. But at Rapid7 the winter
holidays are no excuse for slowing down: The macOS Rapid7 Insight Agent is now
available within Nexpose Now.
Live Monitoring for macOS
Earlier this year, we introduced Live Monitoring for Endpoints with the release
of a Windows agent for use with Nexpose Now. The feedback from the Community has
been great (and lively!) and now we're back with a
3 min
Nexpose Now Notes: August 2016
We build Nexpose to help security practitioners get from find to fix faster.
With the launch of Nexpose Now
[/2016/06/07/nexpose-now-because-security-doesnt-wait], Rapid7 delivered
Liveboards
[https://information.rapid7.com/nexpose-now-release-webcast-6.14.html] to help
you know what's weak in your world right now. Liveboards combine your live
threat exposure data, powerful analytics and intuitive querying so you can spend
less time compiling data, and more time improving your security program.