4 min
Customer Perspective
Why Bow Valley College Gives Rapid7 InsightVM High Marks for Vulnerability Management
Bow Valley College uses InsightVM dashboards to identify quick wins, measure
success, and communicate to senior leadership. James Cairns, database
administrator at Bow Valley College, gave us a look into their vulnerability
management journey with Rapid7.
It’s my job to assess vulnerabilities, facilitate patching, and work with the
rest of my infrastructure team to optimize our resources in order to stay on top
of security issues. As the database administrator for Bow Valley College in
Calgary,
2 min
Patch Tuesday
Patch Tuesday - June 2018
This month's Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/7d4489d6-573f-e811-a96f-000d3a33c573]
is rather run-of-the-mill, with a total of 50 vulnerabilities being addressed by
Microsoft. However, a bit of excitement came earlier this month, with an
out-of-band patch for Adobe Flash Player released last Thursday
[https://helpx.adobe.com/security/products/flash-player/apsb18-19.html] to fix
four security issues. Two of these were flaws that can lead
4 min
Vulnerability Management
CVE 100K: A Big, Round Number
There have been 100,000 CVEs published. That's a big, round number.
6 min
Vulnerability Management
CVE 100K: By The Numbers
There have been 100,000 CVEs published. Here are some stats on the program so far.
5 min
Vulnerability Management
Drupalgeddon Vulnerability: What is it? Are You Impacted?
First up: many thanks to Brent Cook [/author/brent-cook/], William Vu
[/author/william-vu/] and Matt Hand for their massive assistance in both the
Rapid7 research into “Drupalgeddon” and their contributions to this post.
Background on the Drupalgeddon vulnerability
The Drupalgeddon 2 vulnerability announcement came out in late March
(2018-03-28) as SA-CORE-2018-002 [https://www.drupal.org/sa-core-2018-002]. The advisory
was released with a patch and CVE (CVE-2018-7600)
[https://www.rapid7.com/
2 min
InsightVM
Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine
SC Media has announced the 2018 SC Awards and (drumroll, please…)
InsightVM [https://www.rapid7.com/products/insightvm/] is proud to take top
honors as Best Vulnerability Management Solution in the Trust Awards category.
Our team works tirelessly day in and day out to bring SecOps best practices
[https://www.rapid7.com/solutions/secops/] to our customers, help our customers
secure their modern networks, and work across teams to solve their trickiest
problems. It means the world to us when th
5 min
Vulnerability Management
How to Remediate Vulnerabilities Across Multiple Offices
Your vulnerability scanner [https://www.rapid7.com/products/insightvm/] embarks
on its weekly scan. The report comes in, you fire it off to your IT team across
the country and...silence. Thinking they’re on it, you go on with your day,
until next week’s scan report comes in and you find out that not everything was
fixed and issues have progressed.
For companies with distributed offices, it can be tricky to communicate issues
to teammates you have limited facetime with, get things done quickly w
3 min
Patch Tuesday
Patch Tuesday - April 2018
Over 70 vulnerabilities have been fixed this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/abf77563-8612-e811-a966-000d3a33a34d],
including 6 in Adobe Flash
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180007]
(APSB18-08
[https://helpx.adobe.com/security/products/flash-player/apsb18-08.html]).
At a high level, there's nothing too out of the ordinary. Unfortunately, that
means the majority of the patched vulnerabilities are once ag
3 min
Vulnerability Management
Cisco Smart Install (SMI) Remote Code Execution
What You Need To Know
Researchers from Embedi discovered
[https://web.archive.org/web/20180828224625/https://embedi.com/blog/cisco-smart-install-remote-code-execution/]
(and responsibly disclosed) a stack-based buffer overflow weakness in Cisco
Smart Install Client code which causes the devices to be susceptible to
arbitrary remote code execution without authentication.
Cisco Smart Install (SMI) is a “plug-and-play” configuration and
image-management feature that provides zero-touch deployment
3 min
Vulnerability Management
Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management
Today, we’re excited to announce a major milestone for InsightVM
[https://www.rapid7.com/products/insightvm/]: Recognition as a Leader in The
Forrester Wave™: Vulnerability Risk Management, Q1 2018, earning top scores in
both the Current Offering and Strategy categories. We are proud of the
achievement not only because of years of hard work from our product team, but
also because we believe that it represents the thousands of days and nights
spent working with customers to understand the challen
2 min
Patch Tuesday
Patch Tuesday - March 2018
There are a lot of fixes this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c8fa125-28f6-e711-a963-000d3a33a34d]:
Microsoft's updates include patches for 76 separate vulnerabilities, including
two critical Adobe Flash Player remote code execution (RCE) vulnerabilities
[https://helpx.adobe.com/security/products/flash-player/apsb18-05.html].
In fact, all of this month's critical vulnerabilities are browser-related. This
is not surprising considering web brows
4 min
CIS Controls
CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services
This is a continuation of our CIS Critical Control blog series. Need help
addressing these controls? See why SANS listed Rapid7 as the top solution
provider addressing the CIS top 20 controls
[https://www.rapid7.com/solutions/compliance/critical-controls/].
If you’ve ever driven on a major metropolitan highway system, you’ve seen it:
The flow of traffic is completely engineered. Routes are optimized to allow
travelers to reach their destinations as quickly as possible. Traffic laws
speci
2 min
Patch Tuesday
Patch Tuesday - February 2018
It's a run-of-the-mill month as far as Patch Tuesdays go. Even so, 50 individual
CVEs have been fixed
[https://helpx.adobe.com/security/products/acrobat/apsb18-02.html] by Microsoft,
most of which (34) are rated "Important". As usual, most of the 14 considered
"Critical" are web browser vulnerabilities that could lead to remote code
execution (RCE). The most concerning non-browser issue is CVE-2018-0825
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0825],
an RCE i
2 min
InsightVM
Vulnerability Management Year in Review, Part 3: Remediate
The wide impact
[https://www.wired.com/story/petya-ransomware-outbreak-eternal-blue/] of the
Petya-like ransomware
[https://www.rapid7.com/blog/post/2017/06/27/petya-ransomware-explained/] in
2017, mere weeks after WannaCry
[https://www.rapid7.com/blog/post/2017/05/12/wanna-decryptor-wncry-ransomware-explained/]
exploited many of the same vulnerabilities, illustrated the challenge that
enterprises have with remediating even major headline-grabbing vulnerabilities,
let alone the many vulnerabil
4 min
InsightVM
A RESTful API for InsightVM
With 2017 firmly in the rear-view mirror, we peer forward into 2018 and thanks
to genre-bending vulnerabilities like Meltdown and Spectre
[/2018/01/04/meltdown-and-spectre-what-you-need-to-know-cve-2017-5715-cve-2017-5753-cve-2017-5754/]
the future would seem a bit blurry. Louis Pasteur
[https://en.wikiquote.org/wiki/Louis_Pasteur] is credited with the quote:
“Chance favors the prepared mind.” Pasteur’s work precedes information security
as we know it today by a century, but as an individu