All Posts

0 min Rapid7 Culture

Holiday greetings from all of us at Rapid7!

As we reach the end of December and the end of the year, we wanted to take a moment to pause and recognize what an amazing year it has been -- and how grateful we are to EVERYONE who made 2015 so memorable. That's why we put together this short video as a way to say, quite simply, thank you. (Please note: If you see a grey box instead of a video above, the player may take a moment to load.) Happy holidays and happy new year! ~ @mvarmazis

6 min API

AppSpider's Got Swagger: The first end-to-end security testing for REST APIs

We are thrilled to announce a major new innovation in application security testing. AppSpider is the first Dynamic Application Security Testing (DAST) solution capable of testing Swagger-enabled APIs. Swagger is one of the most popular frameworks for building APIs and the ability to test Swagger-enabled APIs is not only a huge time savings for application security testing experts, but also enables Rapid7 customers to more rapidly reduce risk. Why does this matter? Modern applications make liber

2 min Metasploit

How to Avoid Common Mistakes in your Metasploit Community/Pro License Key Request

As a result of export restrictions placed on Metasploit Community and Pro trials, this year we have introduced some new systems to help process license requests. We have received a lot of questions about this, and this post will hopefully answer some of them for you. If you haven't read the original blog post about the export controls, please take a moment to review the information there on the updates an

2 min Nexpose

More TLS Improvements in Nexpose 6.1.2

After releasing TLS Coverage Improvements in Nexpose 6.0.2, we figured that the Nexpose Security Console should be able to abide by our own suggestions. Last year we had already disabled SSLv3 support by default and allowed configuring which other protocols are enabled on the console as well. With this week's release we're limiting the TLS cipher suites available to the console's web server by default. Similar to the protocols, the cipher suit

12 min Vulnerability Disclosure

Multiple Disclosures for Multiple Network Management Systems

Today, Rapid7 is disclosing several vulnerabilities affecting several Network Management System (NMS) products. These issues were discovered by Deral Heiland of Rapid7 and independent researcher Matthew Kienow, and reported to vendors and CERT for coordinated disclosure per Rapid7's disclosure policy. Altogether, we're disclosing six vulnerabilities that affect four NMSs, four of which are expected to be patched by the time o

3 min IT Ops

Logentries recognized by Docker as Ecosystem Technology Partner for Logging

Since last year, we’ve anticipated the impact of Docker and have been building integrations – first as experiments and later as full-blown solutions. It’s therefore with great pleasure that we’re announcing our recognition by Docker as an Ecosystem Technology Partner for Logging. Why Monitor Docker Logs? Most teams that

10 min Vulnerability Disclosure

R7-2015-22: ManageEngine Desktop Central 9 FileUploadServlet connectionId Vulnerability (CVE-2015-8249)

ManageEngine Desktop Central 9 suffers from a vulnerability that allows a remote attacker to upload a malicious file, and execute it under the context of SYSTEM. Authentication is not required to exploit this vulnerability. In addition, the vulnerability is similar to a ZDI advisory released on May 7th, 2015, ZDI-15-180. This advisory specifically mentions computerName, and this is

5 min SIEM

5 Ways Attackers Can Evade a SIEM

I've been in love with the idea of a SIEM since I was a system administrator. My first Real Job™ was helping run a Linux-based network for a public university. We were open source nuts, and this network was our playground. Things did not always work as intended. Servers crashed, performance was occasionally iffy on the fileserver and the network, and we were often responding to outages. Of course, we had tools to alert us when outages were going on. I

5 min IT Ops

Analysing Hystrix metrics with Logentries

We’ve been using Hystrix in production here at Logentries for over a year now [shameless plug: I briefly talked about this at a Clojure Ireland meetup recently :)] and have found it useful not only for bulkheading requests, but for getting fine-grained metrics for internal API calls. Netflix has also open-sourced a funky dashbo

1 min Nexpose

Configuring the SNMP request timeout

SNMP is very common, has many implementations and is deployed in diverse networks. In some cases it responds very promptly, in others it is relatively slow to respond. We found that in some environments a 1-second request timeout was insufficient, so in Nexpose 6.1.1 we have changed the default to 3 seconds in order to improve service and related vulnerability detection. This, however, can have a major impact on scan times on port 161 and may not be desirable on networks with l

5 min Rapid7 Culture

Rapid7 Belfast Office First Hackathon!

What an exciting year 2015 has been to work at Rapid7! We had our IPO and made two awesome acquisitions in NT OBJECTives (NTO) and Logentries. Another of the many notable events that have occurred over the past 18 – 24 months has been the growth in the size of the products team. At the core of this expansion has been the Belfast R&D office, which has now been established for almost 2 years. Leonardo da Vinci said, “One shall be born from small beginnings which rapidly become vast.” This

12 min Apple

Reduced Annoyances and Increased Security on iOS 9: A Win Win!

Introduction Early this year, I posted an article on iOS Hardening that used animated GIFs to explain most of the recommended settings. Since then, iOS 9 was released, bringing along many new features, including better support for Two-Factor Authentication, as iMessage and FaceTime now work without the need for app-specific passwords, and as your trusted devices now automatically get trusted when you authentic

4 min IT Ops

Introducing LEQL: percentile() & median

While analyzing data, it’s important to use a variety of calculations to ensure you get the best insights. Today, we’re excited to announce the availability of our two newest LEQL functions: percentile() and median. percentile() calculates the value below which a given percentage of your log entries fall. To use a real-world example: what was the longest response time seen by 95% of my application’s users? Similarly, median (the 50th percentile) gives you the middle number in a s
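To make the distinction between percentile(), median and a plain average concrete, here is an added example (not code from the original post or from the Logentries product). It parses response times out of a handful of constructed key=value log lines and computes the 90th and 95th percentiles, the median and the mean. The log format, the field name response_time and the nearest-rank percentile method are assumptions for illustration; the post does not state which interpolation method LEQL uses.

```python
import math
import re
from typing import Dict, Iterable, List

# Constructed sample log lines (not from the original post). The key=value
# layout and the "response_time" field (milliseconds) are assumptions.
# One line is a health check with no response_time field, to show that
# entries without the field are skipped rather than counted as zero.
SAMPLE_LOGS = [
    "ts=2015-12-01T10:00:01Z method=GET path=/api/items status=200 response_time=120",
    "ts=2015-12-01T10:00:02Z method=GET path=/api/items status=200 response_time=80",
    "ts=2015-12-01T10:00:03Z method=GET path=/api/users status=200 response_time=95",
    "ts=2015-12-01T10:00:04Z method=POST path=/api/orders status=201 response_time=310",
    "ts=2015-12-01T10:00:05Z method=GET path=/api/items status=200 response_time=200",
    "ts=2015-12-01T10:00:06Z method=GET path=/healthz status=200",
    "ts=2015-12-01T10:00:07Z method=GET path=/api/users status=200 response_time=150",
    "ts=2015-12-01T10:00:08Z method=POST path=/api/orders status=500 response_time=1200",
    "ts=2015-12-01T10:00:09Z method=GET path=/api/items status=200 response_time=90",
    "ts=2015-12-01T10:00:10Z method=GET path=/api/items status=200 response_time=110",
    "ts=2015-12-01T10:00:11Z method=GET path=/api/users status=200 response_time=130",
]

RESPONSE_TIME_RE = re.compile(r"\bresponse_time=(\d+(?:\.\d+)?)")


def parse_response_times(lines: Iterable[str]) -> List[float]:
    """Extract the response_time value from each line that carries one."""
    values: List[float] = []
    for line in lines:
        match = RESPONSE_TIME_RE.search(line)
        if match:
            values.append(float(match.group(1)))
    return values


def percentile(values: List[float], p: float) -> float:
    """Nearest-rank percentile: the smallest observed value such that at
    least p percent of the entries are less than or equal to it."""
    if not values:
        raise ValueError("percentile() of an empty sample is undefined")
    if not 0 < p <= 100:
        raise ValueError("p must be in the range (0, 100]")
    ordered = sorted(values)
    rank = math.ceil(p / 100 * len(ordered))  # 1-based rank
    return ordered[rank - 1]


def median(values: List[float]) -> float:
    """Middle value; for an even count, the mean of the two middle values."""
    if not values:
        raise ValueError("median() of an empty sample is undefined")
    ordered = sorted(values)
    n = len(ordered)
    mid = n // 2
    if n % 2:
        return ordered[mid]
    return (ordered[mid - 1] + ordered[mid]) / 2


def summarize(lines: Iterable[str]) -> Dict[str, float]:
    """Compute the statistics a response-time dashboard would show."""
    values = parse_response_times(lines)
    return {
        "count": len(values),
        "mean": sum(values) / len(values),
        "median": median(values),
        "p90": percentile(values, 90),
        "p95": percentile(values, 95),
    }


if __name__ == "__main__":
    for name, value in summarize(SAMPLE_LOGS).items():
        print(f"{name:>6}: {value}")
```

On the constructed sample the single 1200 ms error response drags the mean up to 248.5 ms while the median stays at 125 ms; the 95th percentile (1200 ms) is what surfaces the slow outlier that 5% of requests hit, which is exactly the question the post poses.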

4 min Vulnerability Management

How Adaptive Security fits into your Vulnerability Management Program

Building an Application Vulnerability Management Program, found in the SANS Institute Reading Room (https://www.sans.org/reading-room/whitepapers/application/building-application-vulnerability-management-program-35297), identifies vulnerability program management as a cyclical process involving the following steps:

* Policy
* Discovery and Baseline
* Prioritization
* Shielding and Mitigation
* Eliminating the Root Cause
* Monitoring

While the use of Nexpose applies to several of these

4 min IoT

The Internet of Gas Station Tank Gauges -- Take #2

In January 2015, Rapid7 worked with Jack Chadowitz and published research related to Automated Tank Gauges (ATGs) and their exposure on the public Internet. This past September, Jack reached out to us again, this time with a slightly different request. The goal was to reassess the exposure of these devices and see if the exposure had changed, and if so, how and why, but also to see if there were other ways of identifying potentially exposed