2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple, get customers content to their consoles
faster without disrupting their workflow and currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
5 min
Vulnerability Management
Using the National Vunerability Database to Reveal Vulnerability Trends Over Time
This is a guest post by Ismail Guneydas. Ismail Guneydas is senior technical
leader with over ten years of experience in vulnerability management, digital
forensics, e-Crime investigations and teaching. Currently he is a senior
vulnerability manager at Kimberly-Clark and an adjunct faculty at Texas A&M. He
has M.S. in computer science and MBA degrees.
2015 is in the past, so now is as good a time as any to get some numbers
together from the year that was and analyze them. For this blog post,
8 min
IT Ops
Using JavaScript to interact with the REST Query API
We’re very excited to announce that our REST Query API is now available
. With this API, you can:
* make it easy to remotely query your log data
* easily integrate Logentries with third party solutions, external systems and
internal tools
* allow users and systems to query their log data programmatically over our
REST API
In this article, I will show how you can quickly interact with the Query API by
sending in a LEQL query
3 min
IT Ops
How to: Send SMS messages to Logentries in under 5 minutes (maybe 10)
The “Internet Of Things” continues to be talked about a lot with an increasing
number of devices now containing some sort of smart functionality which can be
interacted with. Here’s a great article about end-to-end IoT monitoring
by colleague David Tracey.
However, not all IoT devices can be in locations with WiFi or 3/4G coverage, so
they can not easily (or at all) send or receive data over the internet, and
instead rely on standard cellula
2 min
Nexpose
Adaptive Security: Rapid7 Critical Vulnerability Category
Starting this week, we have added a new vulnerability category: Rapid7 Critical.
When we examine a typical vulnerability, each vulnerability comes with various
pieces of information such as CVE id, CVSS score, and others. These pieces of
information can be very handy especially when you set up Automated Actions in
Nexpose. Here is an example:
As you can see the example on the right, this trigger will initiate a scan
action if there is a new coverage available that meets the criteria of CVSS
4 min
Komand
What Security Operations Teams Can Learn From Modern Productivity Software
Between your devices, how many apps do you have?The answer for many is
dozens, if not hundreds. And many are designed to help us be more efficient: to
keep track of growing to do lists, manage complex work tasks, or streamline
communication with teams. The trouble is, many of these apps don’t talk to each
other very neatly, efficiently, or at all.
So it’s no wonder that when the app orchestration solution IFTTT was launched,
over one million tasks
2 min
Microsoft
On Badlock for Samba (CVE-2016-2118) and Windows (CVE-2016-0128)
Today is Badlock Day
You may recall that the folks over at badlock.org stated
about 20 days ago that April 12 would see patches for "Badlock," a serious
vulnerability in the SMB/CIFS protocol that affects both Microsoft Windows and
any server running Samba, an open source workalike for SMB/CIFS services. We
talked about it back in our Getting Ahead of Badlock
post, and hopefully, IT administrators
have taken advantage of the pre-releas
4 min
IT Ops
How to Log from Azure Virtual Machines
You have evaluated the many IaaS providers
out there and you have decided on Azure Compute
.
Great choice! Azure is an ideal provider with broad support for various
operating systems, programming languages, frameworks, tools, databases and
devices. Azure also has the unique ability to facilitate hybrid deploymen
4 min
Komand
The Dangers Of Linear Thinking and Why Security Analysts Should Defend in Graphs
One of my favorite tweets-turned-into blogs of last year was one by Microsoft
security’s John Lambert: “Defenders think in lists, attackers think in graphs.
” Though it certainly doesn’t entirely sum up the challenges of being a
defender, it drummed up some interesting conversation/controversy on twitter.
Plus as a nice, pithy statement, it has a good r
15 min
IT Ops
How to Compare Google Compute Engine & AWS EC2
Which Virtual Machine is Best: Google’s Compute Engine or Amazon’s EC2? It
Depends.
The Internet might seem like a Wild West of chaotic connections because it often
is. Companies like Google and Amazon have
been managing to create order out of the chaos for years by understanding the
nature of the World Wide Web. Within the last 10 years, Google and Amazon have
leveraged that understanding into a robust suite of product offerings in the
field of Infrastructure-as-a- Service, or IaaS.
The corn
6 min
Government
Vulnerability Disclosure and Handling Surveys - Really, What's the Point?
Maybe I'm being cynical, but I feel like that may well be the thought that a lot
of people have when they hear about two surveys posted online this week to
investigate perspectives on vulnerability disclosure and handling. Yet despite
my natural cynicism, I believe these surveys are a valuable and important step
towards understanding the real status quo around vulnerability disclosure and
handling so the actions taken to drive adoption of best practices will be more
likely to have impact.
Hopef
3 min
Metasploit
Securing Your Metasploit Logs
Metasploit, backed by a community of 200,000 users and contributors is the most
impactful penetration testing solution on the planet. With it, uncover
weaknesses in your defenses, focus on the highest risks, and improve your
security outcomes. Your Metasploit Pro console produces a lot of important logs.
It is essential to be able to review these logs, alert on them, and keep them
secure.
Why should I monitor these logs?
The logs produced by your Metasploit Pro console are helpful when
troubl
3 min
Automation and Orchestration
What is Security Orchestration?
The best security operation centers (SOCs)
are built on
efficiency and speed-to-response. But if you’ve ever worked in a SOC or on a
security team, you know it’s tough to get your security systems, tools and teams
to integrate in a way that streamlines detection, response, and remediation.
One of the most tedious tasks of all is cobbling together alert details to
assess if a security event is a real threat, along with correlating
5 min
Javascript
Client Side Logging In Javascript
Developers are writing Javascript applications of increasing complexity designed
to run in web browsers, on desktops, and on servers. Javascript applications
have reached a level of maturity that means they are running important business
operations. They must be more maintainable and supportable now that they have
achieved this level of responsibility in the enterprise. Javascript
applications should be expected to provide the same information for support and
maintenance as any other applic
3 min
Endpoint Security
IDC: 70% of Successful Breaches Originate on the Endpoint
Most organizations focus on their server infrastructure when thinking about
security – a fact we often see in our Nexpose
user base where many companies only
scan their servers. However, IDC finds that 70% of successful breaches originate
on the endpoint.
This does not necessarily imply insider threats, it is rather a sign that
phishing is prevalent, cheap, and surprisingly effective in compromising
machines. Given this compelling data, I strongly urge