4 min
InsightIDR
Unifying Security Data: How to Streamline Endpoint Detection and Response
Collecting data from the endpoint can be tedious and complex (to say the least).
Between the data streaming from your Windows, Linux, and Mac endpoints, not to
mention remote authentication and the processes running on these assets, there
is a lot of information to gather and analyze. Unless you have a deep knowledge
of operating systems to build this yourself—or additional budget to add these
data streams to your SIEM tool—it
may not be feasible for y
3 min
Penetration Testing
Password Tips From a Pen Tester: 3 Passwords to Eliminate
Every week, Rapid7 conducts penetration testing services for organizations that
crack hundreds—and sometimes thousands—of passwords. Our current password trove
has more than 500,000 unique passwords that have been collected over the past
two years. Where do these come from? Some of them come from Windows domain
controllers and databases such as MySQL or Oracle; some of them are caught on
the wire using Responder, and some
are pulled out of memory wi
3 min
CIS Controls
Critical Control 16: Account Monitoring and Control
This is a continuation of our CIS critical security controls blog series, which
provides educational information regarding the control of focus as well as tips
and tricks for consideration. See why SANS listed Rapid7 as the top solution
provider addressing the CIS top 20 controls.
What is CIS Critical Control 16?
In the world of InfoSec, the sexy stuff gets all the attention. Everybody wants
the latest and greatest next-gen produc
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 5/4/18
May the fourth be with you…
Get comfortable, put on your headphones or turn up your speaker volume, and
enjoy this guitar rendition of the Ewok Celebration, commonly known as Yub Nub,
while catching up on Metasploit updates for the week.
PHP Debugging
Xdebug is an extension for PHP to facilitate development
by providing interactive debugging capabilities and much more. On an
7 min
Metasploit
Hiding Metasploit Shellcode to Evade Windows Defender
Being on the offensive side in the security field, I personally have a lot of
respect for the researchers and engineers in the antivirus industry, and the
companies dedicated to investing so much in them. If malware development is a
cat-and-mouse game, then I would say that the industry creates some of the most
terrifying hunters. Penetration testers and red teamers suffer the most from
this while using Metasploit, which
forced me to look into how to
4 min
Vulnerability Management
CVE 100K: A Big, Round Number
There have been 100,000 CVEs published. That's a big, round number.
6 min
Vulnerability Management
CVE 100K: By The Numbers
There have been 100,000 CVEs published. Here are some stats on the program so far.
3 min
CIS Controls
CIS Critical Security Control 15 Explained: Wireless Access Control – Are You Really Managing Your WiFi?
This is a continuation of our CIS critical security controls blog series. See why SANS listed
Rapid7 as the top solution provider addressing the CIS top 20 controls.
Decades ago, your network was a collection of routers, firewalls, switches, wall
ports, and what seemed like a million miles of cable. The only way for your
employees and guests to access it was to be seated nea
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 4/27/18
After last week's seriously serious write-up, this week
we will return to our norml normal, lighthearted (and Metasploit-hearted)
wrap-ups, though we remain fans of terrible 80s movies.
Drupalgeddon 2: Webdev Boogaloo
After last month's Drupal exploit came to light, nearly a dozen developers have
been hard at work to add a module targeting CVE-2018-7600. You can
5 min
Vulnerability Management
Drupalgeddon Vulnerability: What is it? Are You Impacted?
First up: many thanks to Brent Cook, William Vu
and Matt Hand for their massive assistance in both the
Rapid7 research into “Drupalgeddon” and their contributions to this post.
Background on the Drupalgeddon vulnerability
The Drupalgeddon 2 vulnerability announcement came out in late March (2018-03-28)
as SA-CORE-2018-002. The advisory
was released with a patch and CVE (CVE-2018-7600)
2 min
InsightVM
Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine
SC Media has announced the 2018 SC Awards and (drumroll, please…)
InsightVM is proud to take top
honors as Best Vulnerability Management Solution in the Trust Awards category.
Our team works tirelessly day in and day out to bring SecOps best practices
to our customers, help our customers
secure their modern networks, and work across teams to solve their trickiest
problems. It means the world to us when th
3 min
Detection and Response
How to Detect Devices on Your Network Running Telnet Services
Because Telnet is an unencrypted protocol, it is important that you monitor your network for any devices running Telnet services. Learn more.
4 min
InsightIDR
How to Identify Attacker Reconnaissance on Your Internal Network
The most vulnerable moment for attackers is when they first gain internal access
to your corporate network. In order to determine their next step, intruders must
perform reconnaissance to scout available ports, services, and assets from which
they can pivot and gain access to customer databases, credit card data, source
code, and more. These initial moments are arguably your best opportunities to
catch attackers before critical assets are breached, but unfortunately, it can
be very challenging t
5 min
CIS Controls
CIS Critical Control 14 Explained: Controlled Access Based on the Need to Know
This is a continuation of our CIS critical security controls blog series. See why SANS listed
Rapid7 as the top solution provider addressing the CIS top 20 controls.
Let’s start with some simple, yet often unasked questions. Do you know what
critical assets—information and data, applications, hardware, SCADA systems,
etc.—exist in your organization’s network? Do you have a data classification
policy? Who defines the criticality of systems
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 4/20/18
You may have noticed that our weekly wrapups tend to be very
light-hearted. A few might say our blog is humorous. Some might even argue that
they incorporate low-brow internet jokes and an excessive quantity of memes.
Well, I'm here to say we've turned over a new leaf. No longer will cheap comedy
cover the pages of this professional publication.
In honor of April 20th, this blog post will remain serious.
Seriously.
Google Summer of