Tag Archives: Rapid7

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because it’s not just Tenable, Qualys, Rapid7 and ZDI make Microsoft Patch Tuesday reviews, but also other security companies and bloggers.

Alternative video link (for Russia): https://vk.com/video-149273431_456239085

You can see them in my automated security news telegram channel avleonovnews after every second Tuesday of the month. So, now you can add any links with CVE comments to Vulristics.

Continue reading

Microsoft Patch Tuesday February 2022

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2022. I release it pretty late, because of the my previous big episode about the blindspots in the Knowledge Bases of Vulnerability Scanners. Please take a look if you haven’t seen it. Well, if you are even slightly interested in the world news, you can imagine that the end of February 2022 in Eastern Europe is not the best time to create new content on Vulnerability Management. Let’s hope that peace and tranquility will be restored soon. And also that geopolitical confrontation between the largest nuclear powers will de-escalate somehow.

But let’s get back to information security. While working on Microsoft Patch Tuesday report for February 2022, I made a lot of improvements to my open source project for vulnerability prioritization Vulristics. I want to start with them.

Continue reading

Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020

In this episode I would like to make a status update of my Vulristics project. For those who don’t know, in this project I retrieve publicly available vulnerability data and analyze it to better understand the severity of these vulnerabilities and better prioritize them. Currently, it is mainly about Microsoft Patch Tuesday vulnerabilities, but I have plans to go further. Also in this episode I want to demonstrate the new Vulristics features on Microsoft Patch Tuesday reports for October, November and December 2020.

Vulristics Vulnerability Scores, automated data collection and Microsoft Patch Tuesday Q4 2020

Patch Tuesdays Automated Data Collection

First of all, I dealt with the annoying collecting of the data for Microsoft Patch Tuesdays reports. Previously it took pretty long time. I had to go to Microsoft website and search for CVE IDs. After that, I had to get the comments from various Vulnerability Management vendors and researchers blogs (Tenable, Qualys, Rapid7, ZDI). I wanted this to be as much automated as possible. I have added some code to make CVE search requests on the Microsoft website for a date range (including the second Tuesday of the month). I also figured out how to make searches on the Vulnerability Management vendors blogs. So, now to get a Microsoft Patch Tuesday report it’s only necessary to set the year and month.

Continue reading

Microsoft Patch Tuesday September 2020: Zerologon and other exploits, RCEs in SharePoint and Exchange

I would like to start this post by talking about Microsoft vulnerabilities, which recently turned out to be much more serious than it seemed at first glance.

Older Vulnerabilities with exploits

“Zerologon” Netlogon RCE (CVE-2020-1472)

One of them is, of course, the Netlogon vulnerability from the August 2020 Patch Tuesday. It’s called “Zerologon”. I would not say that Vulnerability Management vendors completely ignored it. But none of them (well, maybe only ZDI) emphasized in their reports that this vulnerability would be a real disaster.

Continue reading

Microsoft Patch Tuesday May 2020: comments from VM vendors, promising stuff for phishing, troubles with SharePoint and lulz with Visual Studio

This will be my third Microsoft Patch Tuesday report in video and audio format. And for the third time in a row, Microsoft has addressed over a hundred vulnerabilities. With my Microsoft Patch Tuesday parser, it was possible to generate a report almost on the same day. But, of course, it takes much more time to describe the vulnerabilities manually.

Microsoft Patch Tuesday May 2020
  • All vulnerabilities: 111
  • Critical: 16
  • Important: 95
  • Moderate: 0
  • Low: 0

Last time I complained that different VM vendors release completely different reports for Microsoft Patch Tuesday. This time I decided that it’s not a bug, but a feature. I upgraded my script to not only show vulnerabilities, but also show how these vulnerabilities were mentioned in the reports of various VM vendors (Tenable, Qualys, Rapid7 and ZDI). In my opinion, it seems pretty useful.

Continue reading

Forrester report for Rapid7: number juggling and an excellent overview of Vulnerability Management problems

I recently read Forrester’s 20-page report “The Total Economic Impact™ Of Rapid7 InsightVM“. It is about the Cost Savings And Business Benefits that Vulnerability Management solution can bring to the organizations.

Forrester report for Rapid7

In short, I didn’t like everything related to money. It seems like juggling with numbers, useless and boring. But I really liked the quotes from customers who criticized existing Vulnerability Management solutions, especially the low quality of the remediation data. These are the real pain points of Vulnerability Management process.

How did Forrester count money?

Forrester interviewed five existing customers of Rapid7 and created a “composite organization”.

This “composite organization” has 12,000 IT assets and spends $223,374 per year on Rapid7 InsightVM ($670,123 for 3 years) including integrations and trainings costs. That means $18 per host. Well, quite a lot, especially when compared to unlimited Nessus Professional for just $2,390 per year. A wonderland of Enterprise Vulnerability Management. 🙂

Continue reading

Vulnerability Management Product Comparisons (October 2019)

Here I combined two posts [1.2] from my telegram channel about comparisons of Vulnerability Management products that were recently published in October 2019. One of them was more marketing, published by Forrester, the other was more technical and published by Principled Technologies.

Vulnerability Management Product Comparisons (October 2019)

I had some questions for both of them. It’s also great that the Forrester report made Qualys, Tenable and Rapid7 leaders and Principled Technologies reviewed the Knowledge Bases of the same three vendors.

Let’s start with Forrester.

Continue reading