Tag Archives: Rapid7

Tenable doesn’t want to be Tenable anymore

Tenable doesn’t want to be Tenable anymore. “Neither Rapid7”. It’s from the interview of HD Moore, founder of the Metasploit and ex-CRO of Rapid7, that he recently gave to Paul Asadoorian, ex-Product Strategist Tenable, in the latest episode of “Startup Security Weekly”. It’s a great show, strongly recommend it, as well as “Enterprise Security Weekly” and others. See all subscription options available here.

VM Vendors Market

The most interesting part for me is 00:05:00 till 00:10:00. Talking about the best areas for security startups, HD Moore recommended to take a close look on cloud-based WAFs, like Signal Sciences, Cloudflare. It’s relatively easy to find customers for such projects. However it’s very expansive to build it up and investments are required.

HD Moore doesn’t see lot’s of folks building new content-based security products, such as Tenable, Rapid7, Metasploit. It makes him sad and me either. Instead of regular updates of security content and signatures, new companies rely more on things like machine learning. It’s a good start, but it won’t solve all the problems.

Continue reading

PCI DSS 3.2 and Vulnerability Intelligence

PCI DSS 3.2 and Vulnerability Intelligence. Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information… It’s one of the requirements of PCI DSS v3.2 (The Payment Card Industry Data Security Standard). It’s not about regular scans, as you could think. It is actually about monitoring web-sites and mailing lists where information about vulnerabilities is published. It’s very similar to what Vulnerability Intelligence systems have to do, isn’t it? A great opportunity for me to speculate about this class of products and deal with related PCI requirement. In this post I will mention following solutions: Flexera VIM, Rapid7 Nexpose NOW, Vulners.com and Qualys ThreatPROTECT.

PCI DSS 3.2 and Vulnerability Intelligence

Term “Vulnerability Intelligence” is almost exclusively used by only one security company – Secunia, or how it is called now Flexera Software. But I like this term more than “Threat Intelligence”, a term that many VM vendor use, but historically it is more about traffic and network attacks. Let’s see how Vulnerability Intelligence solutions was developed, and how they can be used (including requirements of PCI Compliance).

Continue reading

Who will take the market share of McAfee Vulnerability Manager?

Who will take the market share of McAfee Vulnerability Manager? McAfee® Vulnerability Manager (MVM) End of Life

We are observing an interesting case now. Short time ago, Intel Security have finally killed their McAfee® Vulnerability Manager (MVM) / FoundStone product and mutually with Rapid7 presented “Nexpose‬ Migration Toolkit”.

MVM to Nexpose migration

The Migration Toolkit contains Deployment and Migration related documentation that outlines the migration path, as well as a proprietary utility to easily migrate several key components of the customers MVM deployment into Nexpose.

Continue reading

An introduction to Rapid7 Nexpose API

An introduction to Rapid7 Nexpose API. Another nice thing about Nexpose is that this vulnerability scanner has an open API. And even free Nexpose Community Edition supports it.

Rapid7 Nexpose API

It’s a really generous gift from Rapid7. That means that you can use Nexpose to scan your environment, easily manage it from your scripts and make any vulnerability assessment and remediation logic you need.

I haven’t found manuals about using Nexpose API to automate basic vulnerability management tasks and decided to write my own. Hope somebody will find it useful. All examples will be in form of curl requests.

Working with Nexpose API is nothing more than sending xml Post-requests to the https://[Nexpose Host]:3780/api/[API Version]/xml and receiving xml responses.
Continue reading

Testing Rapid7 Nexpose CE vulnerability scanner

Testing Rapid7 Nexpose CE vulnerability scanner. Today I want to write about another great vulnerability management solution – Nexpose Community Edition by Rapid7. What makes it special? Nexpose CE is a fully functional network vulnerability scanner that can be used for free not only by home users (Nessus Home, for example, has such restrictions), but also by the companies.

Nexpose Community Edition by Rapid7

However, the company should be quite small. By using Nexpose Community Edition you have a permission to scan only 32 ip addresses. But it could be any kind of host: Linux and Windows, Unix and network equipment. And you can scan it as often as you like, with different profiles and produce wide range of reports.

Continue reading