Posts tagged Vulnerability Management

7 min Vulnerability Management

Patch Tuesday - February 2021

The second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the majority of Microsoft’s product families. Despite that, there’s still plenty to discuss this month. Vulnerability Breakdown by Software Family FamilyVulnerability CountWindows28ESU14Microsoft Office11Browser9Developer Tools 8Microsoft Dynamics2Exchange Server2Azure2System Center2Exploited and Publicly Disclosed Vulnerabilities One zero-day was announced: CVE-2021-1732 [https:

2 min News

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

Cisco has released security updates to address vulnerabilities in most of their product portfolio.

2 min Vulnerability Management

Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)

InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.

1 min Vulnerability Management

Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?

Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.

7 min Vulnerability Management

Patch Tuesday - January 2021

We arrive at the first Patch Tuesday of 2021 (2021-Jan [https://msrc.microsoft.com/update-guide/releaseNote/2021-Jan]) with 83 vulnerabilities across our standard spread of products.  Windows Operating System vulnerabilities dominated this month's advisories, followed by Microsoft Office (which includes the SharePoint family of products), and lastly some from less frequent products such as Microsoft System Center and Microsoft SQL Server. Vulnerability Breakdown by Software Family FamilyVulnera

3 min InsightVM

Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution

Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals.

3 min InsightVM

How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM

In this blog, we will be focusing on a simple use case that enables your organization to achieve greater visibility into your policy customization process.

4 min Vulnerability Management

The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices

Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.

7 min Vulnerability Management

SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know

On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.

2 min InsightVM

New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility

When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.

5 min Under the Hoodie

2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities

Understanding the vulnerabilities that pen testers rely on will help you make sure your organization is prepared to patch particular vulnerabilities.

6 min InsightVM

How to Create an OS-Based Policy Scanning Workflow in InsightVM

In this blog, we provide a step-by-step walkthrough of how to create an OS-based policy scanning workflow in InsightVM.

3 min Vulnerability Management

Threat and Vulnerability Management Best Practices

In this blog post, we provide a high-level overview of vulnerability management and why it’s critical for modern businesses.

3 min Vulnerability Management

Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management programs [https://www.rapid7.com/fundamentals/vulnerability-management-program-framework/] focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to we

3 min Vulnerability Management

Patch Tuesday - November 2020

Jumping right back to a triple digit volume of vulnerabilities resolved, Microsoft covers 112 CVEs this November affecting products ranging from our standard Windows Operating Systems and Microsoft Office products to some new entries such as Azure Sphere. Microsoft CVE-2020-17087: Windows Kernel Local Elevation of Privilege Vulnerability [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17087] Coming as no surprise to anyone, the previously disclosed CVE-2020-17087 zero-day