Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

rpoppa  

AUTHOR STATS:

8

Driving Risk Reduction through RealContext™ in Nexpose 5.9

We are pleased to announce the next major release of Nexpose, version 5.9.  This release focuses on reducing the risk that matters to your business, quickly and efficiently.Business Context?One of the biggest failings of the security industry so far is that…

Simplifying Security Programs with Nexpose 5.7

We are pleased to announce the next version of Nexpose, version 5.7. This release focuses on helping to provide context on how well your Security Program is performing and helping you simplify your vulnerability management processes to help you save time.The last release…

Federally Speaking: Using Nexpose to scan for vulnerabilities associated with IAVA Alerts

What is IAVA?IAVA (Information Assurance Security Alert) is an alert that is generated by the DoD-CERT, part of the U.S. Cyber Command, detailing specific vulnerabilities that are believed to be relevant to the DoD. Policy dictates that these alerts are distributed to system…

Using Dynamic Asset Groups to Detect 0-Day Vulnerabilities

With the addition of the new Metasploit module for the Internet Explorer 8 0-day vulnerability (CVE-2013-1347) that affected the U.S. Department of Labor, and you can find a great writeup on the module on the Metasploit blog here, we felt that it was an…

Simplify Vulnerability Management with Nexpose 5.6

We are pleased to announce the next major release of Nexpose, version 5.6.  This release focuses on providing you the most impactful remediation steps to reduce risk to your organization and extends our current configuration assessment functionality.New Look and FeelThe most visible…

Nexpose adds CyberScope support

The latest version of Nexpose, 5.3, allows federal agencies and consultants to generate reports that can be submitted into the CyberScope reporting tool in compliance with Federal Information Security Act (FISMA) requirements for security information data.CyberScope, which is mandated by the Office of…

Find Vulnerable pcAnywhere Installations with DAGs

On Monday, Symantec made the rare decision to tell their customer base to either uninstall or disable their remote control software suite pcAnywhere. Symantec made this decision because their users were at risk to be exploited by publicly known vulnerabilities that they had not been…

The Advanced Policy Engine

The Advanced Policy Engine is the new configuration compliance framework that was created for the Nexpose 5.0 release.  Advanced? What makes it advanced?  Anyone can call anything "Advanced" these days. A lot of times it is hard to tell if it is…