Rapid7 Blog

Nathan Palanov  

AUTHOR STATS:

19

Container Security Assessment in InsightVM

Earlier in the year in this blog post around modern network coverage and container security in InsightVM, we shared Rapid7’s plans to better understand and assess the modern and ever-changing network with Docker and container security. We began by introducing discovery of Docker hosts…

Vulnerability Management Market Disruptors

Gartner’s recent vulnerability management report provides a wealth of insight into vulnerability management (VM) tools and advice for how to build effective VM programs. Although VM tools and capabilities have changed since the report’s last iteration in 2015, interestingly one thing hasn’t:…

Cleaning House: Maintaining an accurate and relevant vulnerability management program

When Nexpose launched in the early 2000s, technology was vastly different from the world we live in today: most people connected to the internet over dial-up modems, personal computers were shared within the household, and televisions were still set-top boxes. Technology has evolved dramatically since…

Protecting against DoublePulsar infection with InsightVM and Nexpose

After WannaCry hit systems around the world last month, security experts warned that the underlying vulnerabilities that allowed the ransomworm to spread are still unpatched in many environments, rendering those systems vulnerable to other hacking tools from the same toolset. Rapid7's Project Heisenberg continues to…

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

Just when you'd finished wiping away your WannaCry tears, the interwebs dropped another bombshell: a nasty Samba vulnerability, CVE-2017-7494 (no snazzy name as of the publishing of this blog, but hopefully something with a Lion King reference will be created soon). As with WannaCry, we…

Modern Network Coverage and Container Security in InsightVM

For a long time, the concept of “infrastructure” remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees…

Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose

*Update 5/18/17: EternalBlue exploit (used in WannaCry attack) is now available in Metasploit for testing your compensating controls and validating remediations. More info: EternalBlue: Metasploit Module for MS17-010. Also removed steps 5 and 6 from scan instructions as they were not strictly necessary…

InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)

In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics (UBA) and endpoint detection. Soon we started…

2017 Cybersecurity Excellence Awards: And the Nominees Are...

With the end of the year comes the annual "best of" awards season, and cybersec is no different. This year, Rapid7 has been nominated for 10 awards at the Cybersecurity Excellence Awards! It's up to you, the practitioners and folks in the trenches, to vote…

Vulnerability Categories and Severity Levels: "Informational" Vulnerabilities vs. True Vulnerabilities

A question that often comes up when looking at vulnerability management tools is, “how many vulnerability checks do you have?” It makes sense on the surface; after all, less vulnerability checks = less coverage = missed vulnerabilities during a scan right? As vulnerability researchers would tell you,…

Vulnerability Management: Live Assessment and the Passive Scanning Trap

With the launch of Nexpose Now in June, we've talked a lot about the “passive scanning trap” and “live assessment” in comparison. You may be thinking: what does that actually mean?  Good question. There has been confusion between continuous monitoring and continuous vulnerability assessment – and…

Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers!

We wanted to give you a preview into Nexpose's new integration with both McAfee ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the next stage of our partnership with Intel as their chosen vendor for vulnerability management [PDF]. This partnership is also…

Creating your First Vulnerability Scan: Nexpose Starter Tips

Welcome to Nexpose and the Rapid7 family! This blog is a step by step guide for new Nexpose customers to show you how to set up your first site, start a scan, and get your vulnerability management program under way.First thing's first: A few…

Remediating the CISCO EXTRABACON Vulnerability (CVE-2016-6366) with Nexpose

Recently, our research team recently wrote an extensive blog on the EXTRABACON exploit (finally a name that we can all get behind). Our research with Project Sonar showed that a large number of devices and organizations are still exposed to this vulnerability, even though a…

Building A Vulnerability Management Program that Thinks Like an Attacker, But Prioritizes Like a Business

Vulnerabilities are not created equal, not when there are so many dependencies, not only around the vuln itself, but it's applicability to your business. Sure, CVSS helps, a little, but ultimately what it has left us all with is a long list of 9s and…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now