5 min
Nexpose
Focusing on Default Accounts - Targeted Analysis With Nexpose
In my last blog post I went in depth on Impact Driven Analysis and Response
[/2016/05/26/impact-driven-risk-analysis], an often-overlooked but very handy
analysis option in Nexpose. Today I'd like to talk about another great option
for analysis - filtering assets based on their discovered vulnerabilities by
Vulnerability Category. We will use Filtered Asset search to take a focused look
at a specific category: Default Account findings.
Default accounts are high significance findings with low e
4 min
Nexpose
Impact Driven Risk Analysis and Response With Nexpose
Today I'd like to highlight an often overlooked but very handy analysis option
in Nexpose - filtering assets based on their discovered vulnerability CVSS
Impact Metrics (Confidentiality, Integrity, Availability).
We will use RealContext tags and Filtered Asset Search to answer the following
questions:
* Are there any Availability Impact findings on High Availability systems? (
i.e. web servers, authentication servers)
* Are there any Confidentiality Impact findings on systems with Highly
2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple, get customers content to their consoles
faster without disrupting their workflow and currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
2 min
Nexpose
Adaptive Security: Rapid7 Critical Vulnerability Category
Starting this week, we have added a new vulnerability category: Rapid7 Critical.
When we examine a typical vulnerability, each vulnerability comes with various
pieces of information such as CVE id, CVSS score, and others. These pieces of
information can be very handy especially when you set up Automated Actions in
Nexpose. Here is an example:
As you can see the example on the right, this trigger will initiate a scan
action if there is a new coverage available that meets the criteria of CVSS
3 min
Nexpose
How to use Nexpose to find all assets affected by DROWN
Introduction
DROWN is a cross-protocol attack against OpenSSL. The attack uses export cipher
suites and SSLv2 to decrypt TLS sessions. SSLv2 was developed by Netscape and
released in February 1995. Due to it containing a number of security flaws, the
protocol was completely redesigned and SSLv3 was released in 1996. Even though
SSLv2 was declared obsolete over 20 years ago, there are still servers
supporting the protocol. What's both fascinating and devastating about the DROWN
attack, is that se
2 min
Windows
Nexpose Remote Registry Activation for Windows
The Windows Registry is a database which stores all settings for a Windows
system, e.g. hardware, software installed, Windows updates installed and
preferences for users and their applications. During normal day to day use a
standard user will inadvertently push changes into this database when they
update the system, add/remove applications and so on.
Remote Registry is a Windows service which allows a non-local user to read or
make changes to the registry on your Windows system when they are
3 min
Nexpose
Have JBoss, Jenkins, WebLogic, WebSphere based applications? Brace yourself, they've got an unwanted Christmas present for you!
Java based server applications are prevalent throughout most corporate
networks. Thousands, if not millions, of applications are deployed using JBoss,
Jenkins, WebLogic and WebSphere - so when a vulnerability affecting the
underlying technology pops up, the impact can be significant. A vulnerability
was recently discovered affecting any Java application which can receive data
back from users, allowing malicious actors to insert unsafe data as it attempts
to ingest the information. The applica
2 min
Nexpose
More TLS Improvements in Nexpose 6.1.2
After releasing TLS Coverage Improvements in Nexpose 6.0.2
[/2015/10/14/tls-coverage-improvements-in-nexpose-602] we figured that the
Nexpose Security Console should be able to abide by our own suggestions. Last
year we had already disabled SSLv3 support by default and allowed configuring
what other protocols are enabled on the console as well. With this week's
release we're limiting the TLS cipher suites available to the console's web
server by default. Similar to the protocols, the cipher suit
1 min
Nexpose
Configuring the SNMP request timeout
The SNMP protocol is very common, has many implementations and is deployed in
diverse networks. In some cases it responds very promptly, in others it is
relatively slow to respond. We found that in some environments a 1 second
request timeout was insufficient, so in Nexpose 6.1.1 we have changed the
default to 3 seconds in order to improve the service and related vulnerability
detection.
This, however, can have a major impact on scan times on port 161 and may not be
desirable on networks with l
4 min
Vulnerability Management
How Adaptive Security fits into your Vulnerability Management Program
Building an Application Vulnerability Management Program, found in the SANS
Institute Reading Room (
https://www.sans.org/reading-room/whitepapers/application/building-application-v
ulnerability-management-program-35297), identifies vulnerability program
management as a cyclical process involving the following steps:
* Policy
* Discovery and Baseline
* Prioritization
* Shielding and Mitigation
* Eliminating the Root Cause
* Monitoring
While the use of Nexpose applies to several of these
2 min
Nexpose
Changes to OVAL in Nexpose 6.0.6
Rapid7 has made it a priority to support security industry standards, including
the Open Vulnerability and Assessment Language (OVAL). Those of you who use
Nexpose to measure policy compliance, either by using the built-in CIS, DISA,
and USGCB policies, or by writing your own custom policies, are using OVAL for
these policies.
A decision by the National Institute of Standards and Technology (NIST) has made
it necessary for us to make changes in our OVAL implementation. These changes
affect po
2 min
Nexpose
Update Tuesday, November 2015
November sees a mix of remote code execution and elevation of privilege
vulnerabilities enabling an attacker to gain the same rights as the user when
the victim opens specially crafted content, such as a webpage, journal file or
document containing embedded fonts. These vulnerabilities affect Internet
Explorer (7 and onwards), Edge, and Windows (Vista and onwards). It is
advisable for users and administrators to patch the affected platforms.
Microsoft includes 12 security bulletins, a third of
3 min
Nexpose
Nexpose 6.0: Using Adaptive Security
Overview
Adaptive Security is a new feature released in Nexpose 6.0 that dynamically
collects and analyzes the important network changes with minimal configuration
needed from the user. This new feature allows you to create workflows called
automated actions that can respond to various behaviors occurring in your
environment automatically. For further explanation, please feel free to read
Adaptive Security Overview. [/2015/10/02/adaptive-security-overview]
Triggers and Actions
Currently Adapti
1 min
Nexpose
The Easy Button for Updating your Nexpose Database
Relax while Nexpose does the work for you
You may have received notifications that you need to update your Nexpose
database soon in order to continue receiving product updates. You may have been
putting it off because it sounds like a pain.
Good news: it's simple!
Have you seen the Staples commercials with the “easy button?” Nexpose basically
has that for the update. You don't have to go in to your database and mess
around with an upgrade wizard. Nexpose handles all that for you. All you ha
1 min
Metasploit
Nexpose and Metasploit Training and Certification Courses Filling Up Fast!
Looking to amp-up or fine-tune your security prowess? UNITED conference
attendees get the chance to do just that by registering for additional small
group training and certification courses (Nexpose Basic, Metasploit Basic, and
Nexpose Advanced). Since we're keeping the sessions intimate, spots are filling
up quickly!
Save your spot now for two days of formalized, curriculum-based training with
Rapid7 experts [http://www.unitedsummit.org/new-registration.jsp]. You'll get
to:
* Share best p