3 min
Komand
3 Steps for Effective Information Security Event Triage [Infographic]
Before you jump into action when a security alrm sounds, you need to first
assess what happened. Pulling together the details of the event will help you
determine if there is a real security incident, and if so, how you will need to
respond.
But often in the frenzy of security alerts, we get caught up in processes or
start jumping to conclusions without enough info. This can lead to a haphazard
incident response.
From my experience, there's a simpler way; one that is efficienct, not bogged
dow
4 min
Automation and Orchestration
Burp Series: Intercepting and modifying made easy
Synopsis
As a penetration tester I have many tools that I use to help with web
application testing, but the one tool that never lets me down is Burp suite by
portswigger. Burp suite is an intercepting proxy that allows you to modify and
inspect web traffic, it comes in two flavors, free and paid. The free version
is powerful enough to assist any pen test engineer, whereas the paid version
will add extra features to make your tests go smoother and faster.
I am going to walk you through the beg
2 min
Metasploit Wrapup 12/9/16
Finding stuff
For a very long time, msfconsole's search command has used a union of the
results of all search terms. This means that if you do something like search
linux firefox, you'll get a list of all modules that mention linux, regardless
of the application they target, and all modules that mention firefox, regardless
of their platform. Most people are probably expecting the intersection, i.e. you
probably wanted to see only the modules that target Firefox on Linux. So now
that's what happe
7 min
Komand
How to Render Components Outside the Main ReactJS App
We use React here at Komand as one of our core libraries in our front-end
applications and while it does a great job of abstracting away the code for
managing the DOM, sometimes that can be problematic. With React, you have JSX
which is just XML sugar for declaring what DOM elements you want React to
render. React just renders the elements where they are defined within the JSX.
For example, this JSX…
<div className=“content”>
Content
<Modal>
I’m a modal
</Modal>
</div>
... would res
3 min
Nexpose
Nexpose Dimensional Data Warehouse and Reporting Data Model: What's the Difference?
The Data Warehouse Export recently
added
support for a Dimensional Model for its export schema. This provides a much more
comprehensive, accessible, and scalable model of data than the previous (now
referred to as "Legacy") model. The foundation for this dimensional model is the
same as the Reporting Data Model, which backs the built-in reporting for SQL
Query Export. So what exactly is the difference between the Reporting Data
5 min
IT Ops
Solving the expression problem
If you look at any OO-based codebase of a nontrivial size, you’ll
find well understood behavior formalized and encapsulated through the effective
use of polymorphism- either via interfaces which decouple calling code from a
types’ implementation, or via sub typing to share code common to multiple types.
To take an example from a statically typed language like Java, let’s look at the
Map interface and a few of its implementations in the standard library:
A receiving method which
3 min
IoT
IoT Security vs Usability
Recently we all have found ourselves talking about the risk and impact of poorly
secured IoT technology and who is responsible. Fact is there is enough blame to
go around for everyone, but let's not go there. Let us start focusing on
solutions that can help secure IoT technology.
Usability has been an issue that has plagued us since the beginning of time. As
an example, just going back to my youth and seeing my parents VCR flashing 12:00
all the time. We laugh at that, because it showed us thei
4 min
Metasploit
Metasploitable3 Capture the Flag Competition
UPDATE: Leaderboard can be found on this new post
! Plus, some notes that may
be helpful.
Exciting news! Rapid7 is hosting a month-long, world-wide capture the flag(s)
competition!
Rapid7 recently released Metasploitable3
, the latest version of our
attackable, vulnerable environment designed to help security professionals,
students, and researchers alike hone their skills and practice their craft. I
6 min
Honeypots
Introduction to Honeypots
Synopsis
With an ever-increasing number of methods and tactics used to attack networks,
the goal of securing a network must also continually expand in scope. While
traditional methods such as IDS/IPS systems, DMZ’s, penetration testing and
various other tools can create a very secure network, it is best to assume
vulnerabilities will always exist, and sooner or later, they will be exploited.
Thus, we need to continuously find innovative ways of countering the threats,
and one such way is to depl
6 min
Komand
SOC Series: How to Make a Security Operations Center More Efficient
You have your security operations center (SOC)
in place, now
what?
Creating a SOC is not a cheap undertaking, so to be sure your investment in
people and resources pays off, your next task is to make it as efficient as
possible. Efficiency drives time-to-response, and with intrusion detection and
incident response, optimizing for this metric is crucial. Over the long term, it
also becomes more cost-effective.
I’ve seen the good
4 min
Nexpose
Nexpose: Live Assessment and the Passive Scanning Trap
With the launch of Nexpose Now in June, we've talked a lot about the “passive
scanning trap” and “live assessment” in comparison. You may be thinking: what
does that actually mean? Good question.
There has been confusion between continuous monitoring and continuous
vulnerability assessment – and I'd like to propose that a new term “continuous
risk monitoring” be used instead, which is where Adaptive Security and Nexpose
Now fits. The goal of a vulnerability management program
3 min
Nexpose
Vulnerability Assessment Reports in Nexpose: The Right Tool for the Right Job
Nexpose supports a variety of complementary reporting solutions that allows you
to access, aggregate, and take action upon your scan data. However, knowing
which solution is best for the circumstance can sometimes be confusing, so let's
review what's available to help you pick the right tool for the job.
I want to pull a vulnerability assessment report out of Nexpose. What are my
options?
Web Interface
The Nexpose web interface provides a quick and easy way to navigate through your
data. You ca
5 min
Komand
Early Warning Detectors Using AWS Access Keys as Honeytokens
Deception lures are all of the rage these days
, and when deployed properly, are extremely low overhead to maintain and trigger
little to no false alarms. Honeytokens, closely related to honeypots, are
‘tripwires’ that you leave on machines and data
3 min
InsightOps
Announcing InsightOps - Pioneering Endpoint Visibility and Log Analytics
Our mission at Rapid7 is to solve complex security and IT challenges with
simple, innovative solutions. Late last year Logentries joined the Rapid7 family
to help to drive this mission. The Logentries technology itself had been
designed to reveal the power of log data to the world and had built a community
of 50,000 users on the foundations of our real time, easy to use yet powerful
log management and
analytics engine.
Today we are
4 min
IoT
On the Recent DSL Modem Vulnerabilities
by Tod Beardsley and Bob Rudis
What's Going On?
Early in November, a vulnerability was disclosed affecting Zyxel DSL modems,
which are rebranded and distributed to many DSL broadband customers across
Europe. Approximately 19 days later, this vulnerability was leveraged in
widespread attacks across the Internet, apparently connected with a new round of
Mirai botnet activity.
If you are a DSL broadband customer, you can check to see if yo