Welcome | Rapid7 Community and Blog

Featured Blog Posts

Loading...

Latest Blog Posts

Loading...

Subject		Author
	NCSAM: The Danger of Criminalizing Curiosity 15 hours ago in Information Security	by Amanda Fountain
	Discovery of ePO Assets in Nexpose 14 hours ago in Nexpose	by Vanessa MacDougal
	Mirai FAQ: When IoT Attacks 2 days ago in Information Security	by todb
	Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers! 2 days ago in Nexpose	by Nathan Palanov
	Multiple Bluetooth Low Energy (BLE) Tracker Vulnerabilities 2 days ago in Information Security	by todb

Loading...

Recent activity around the Rapid7 Community

Filter

Set as default view

Filtered by:All Items

Agora Security in Metasploit5 minutes ago (Show more Show less)

What's the best way to store MySQL credentials?

I'm planning to develop a module to search and obtain the credentials of a database GUI client. Anyhow the credentials found may be limited, for example a secure deployment of a DB should only allow access form localhost on the root user. My question is that the IP related to the credentials, what should it be? If I leave 127.0.0.1 it may be a… (Show more Show less)

in MetasploitLike Show 0 Likes(0)

0 replies

Social News

Jay Rosenberger achieved level 1 in the Mission: Trendsetter
brian.w.gray achieved level 5 in the Mission: Validator
mr.moon achieved level 1 in the Mission: Trendsetter
Jay Rosenberger achieved level 1 in the Mission: Helper
Samuel Boateng achieved level 1 in the Mission: Trendsetter
Ken Mizota achieved level 1 in the Mission: Helper
smaske achieved level 63 in the Mission: Responder
Adrian Czebiniak achieved level 1 in the Mission: Helper
jaldridge achieved level 1 in the Mission: Helper
maria_d completed a Quest: Helpful

View More

xyclops M in Nexpose5 days ago (Show more Show less)

[oss-security] CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability, under active exploit

[oss-security] CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability, under active exploit Do we have any vulnerability check for this? If not how much time will it take to release the vuln check. Also is there any way we can make the vuln check through XML file and push it to all the Nexpose instances? Thanks ~XM

in NexposeLike Show 5 Likes(5)

3 repliesShow more activityShow more activity

brian.w.gray marked Ken Mizota's reply as helpful

Latest Likes

brian.w.gray likes zeroorone's reply Re: Ruby - Add Multiple Assets to site and Audit Report
brian.w.gray likes Vanessa MacDougal's blog post Discovery of ePO Assets in Nexpose
zeroorone likes jnicoara11's reply Re: How to add a third column, asset count, to an existing SQL query?
jnicoara11 likes zeroorone's reply Re: How to add a third column, asset count, to an existing SQL query?
brian.w.gray likes Greg Wiseman's reply Re: Custom Default Password Vulnerability
Greg Wiseman likes Brandon Koelle's reply Re: Custom Default Password Vulnerability
zeroorone likes myra's reply Re: SQL report with Asset Group and its Assets
Scott Meyer likes royhodgman's blog post NCSAM: You Should Use a Password Manager
chris288 likes xyclops M's question [oss-security] CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability, under active exploit
chris288 likes mattspierce's reply Re: [oss-security] CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability, under active exploit

View More

Matters Most

Brandon Koelle in Nexpose7 days ago (Show more Show less)

Custom Default Password Vulnerability

I'm trying to add a custom vulnerability check for a specific username and password that are the defaults on a set of software and devices. I have been through the documentation on the community on this subject and have, what I believe, to be a decent grasp on it. However, I am running into it not functioning and would like someone with more… (Show more Show less)

in NexposeLike Show 0 Likes(0)

20 repliesShow more activityShow more activity

brian.w.gray marked Greg Wiseman's reply as helpful

Kyle Flaherty

in Information Security3 weeks ago (Show more Show less)

Rapid7 On Top in SANS Top 20 Critical Security Controls

Being great is, well… great, right? But as we all know it doesn’t happen in a vacuum, it’s an equation: Greatness = Individual Excellence + Teamwork + Meaningful Customer Relationships Coincidentally (or not), these items make up three of the five core values we strive towards here at Rapid7 – the other two play a role as well in ‘Disciplined… (Show more Show less)

in Information SecurityLike Show 2 Likes(2)

13 commentsShow more activityShow more activity

Jay Rosenberger 4 hours ago (Show more Show less)

What a Feat! keep up the good work.

Like Show 0 Likes(0) Actions

Matters Most

Vanessa MacDougal

in Nexpose14 hours ago (Show more Show less)

Discovery of ePO Assets in Nexpose

As a corporate network grows and new locations are opened up, it becomes increasingly difficult for companies to keep track of and understand their total asset count and the associated risk exposure. Nexpose lets you easily discover all of your assets before a scan, but if that information is already in a great asset management tool like McAfee… (Show more Show less)

in NexposeLike Show 1 Like(1)

2 commentsShow more activityShow more activity

Jay Rosenberger 4 hours ago (Show more Show less)

Sadly my new company doesn't use ePO but glad you have integrated! wish I could still take advantage of this.

Like Show 0 Likes(0) Actions

Matters Most

Matt Hathaway

in InsightIDR1 week ago (Show more Show less)

Displace SIEM “Rules” Built for Machines with Custom Alerts Built For Humans

If you’ve ever been irritated with endpoint detection being a black box and SIEM detection putting the entire onus on you, don’t think you had unreasonable expectations; we have all wondered why solutions were only built at such extremes. As software has evolved and our base expectations with it, a lot more people have started to wonder why it… (Show more Show less)

in InsightIDRLike Show 1 Like(1)

6 commentsShow more activityShow more activity

Jay Rosenberger 4 hours ago (Show more Show less)

SIEM doesn't have to be as complicated as legacy systems made it. i cant wait to maybe one day move to a product that works the way I believe it should.

Like Show 0 Likes(0) Actions

Matters Most

todb

in Information Security2 days ago (Show more Show less)

Mirai FAQ: When IoT Attacks

Unless you've been blessed with some long DNS TTLs, you probably noticed that some name-brand chunks of the Internet seemed to go missing on Friday, October 21, including Twitter, GitHub, and Pandora. Over the weekend, it became clear that this was another (yes, another) IoT-based denial-of-service attack, where many thousands of devices with… (Show more Show less)

in Information SecurityLike Show 0 Likes(0)

4 commentsShow more activityShow more activity

Jay Rosenberger 4 hours ago (Show more Show less)

I wonder which incident, breach or attack will force us to look at finally implementing DNSSec and other technologies meant to prevent some of the root causes.

Like Show 0 Likes(0) Actions

People Updates

Chandy Bilugu, richard van Schaijik, Dave Rideout and 7 others
updated profile information

Load more items

Top Participants

Loading...

hdmoore

tdoan

todb

egypt

sinn3r

Maria Varmazis

mglinski

Matt Hathaway

Rapid7 Learning Team

jhart

HTML

Ask Rapid7 Community and Blog

Browse

Featured Space

Rapid7 Community Site Help

Popular Content

Popular Tags

Newest Members

Featured Blog Posts

Latest Blog Posts

Recent activity around the Rapid7 Community

Top Participants

Recent Content

@Rapid7