Blog Posts
People Updates
- Krishnakumar KA, Larie Perkson, Dhananjoy Chowdhury and 7 others updated profile information
Rapid7 Community Site Help
Having trouble accessing your Rapid7 Community account or resetting your password? Not sure where to post your question? Find help on using the Rapid7 Community here.
| Subject | Author | ||
|---|---|---|---|
| #UNITEDSummit 2016: Day 2 Recap 2 days ago in Rapid7 News |
by Amanda Fountain
|
|
|
| #UNITEDSummit 2016: Day 1 Recap 3 days ago in Rapid7 News |
by Amanda Fountain
|
|
|
| Rapid7 Rapid Fire at UNITED Summit: A Spirited Debate 4 days ago in Rapid7 News |
by Amanda Fountain
|
|
|
| [Cloud Security Research] Cross-Cloud Adversary Analytics 4 days ago in Information Security |
by todb
|
|
|
| [Free Tool] IoTSeeker: Find IoT Devices, Check for Default Passwords 5 days ago in Information Security |
by Samantha Humphries
|
|
|
Recent activity around the Rapid7 Community
Social News
- Aaron Wrasman achieved level 1 in the Mission:
Trendsetter
- nqse0vrniprde7sdh3 achieved level 1 in the Mission:
- AYMERIC MARTIN achieved level 1 in the Mission:
- karencho karencho achieved level 1 in the Mission:
Author
- rich achieved level 1 in the Mission:
Matters Most
Hello i have generate code with msfvenom compile it to *.exe ,but if host computer was not turned on session were ending in 15- 20 minutes ,so how to do that server calling back to host for 12 - 15 hours is that possible?
Over the years, several documents have been written about how to write custom vulnerability checks in Nexpose. The most important of these include one about the various components of a vulnerability check, one that gives examples of common vulnerability checking techniques, and another about converting NASL checks to something compatible with… Show more
Correct, the way it currently works is to tell you what it's doing and only flag errors. It's not all inclusive of everything that could go wrong but I'm slowly adding additional validation as I find things that I need to check for. First the script looks at your .vck runs xsd validation then uses the id to determine what the definition file…
At the beginning of summer, we announced some major enhancements to Nexpose including Live Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight Platform. These capabilities help organizations using our vulnerability management solution to spot changes as it happens and prioritize risks for remediation. We've also been… Show more
The way this reads, it should help focus remediation efforts I believe. Proof will be in the results when it is used. Thank you for adding this feature!
October is National Cyber Security Awareness month and Rapid7 is taking this time to celebrate security research. This year, NCSAM coincides with new legal protections for security research under the DMCA and the 30th anniversary of the CFAA - a problematic law that hinders beneficial security research. Throughout the month, we will be sharing… Show moreI think security standards, and adhering to those standards make a lot of sense. Further, making it easy to understand for end users of IoT devices for enabling security would be helpful too- all users aren't security experts, nor should they be- the appliances/devices should come user "security friendly"...not just "user friendly".
Matters Most
Overcome Nephophobia - Don't be a Shadow IT Ostrich!Every cloud….. When I was much younger and we only had three TV channels, I used to know a lot of Names of Things. Lack of necessity and general old age has meant I’ve now long since forgotten most of them (but thanks to Google, my second brain, I can generally “remember” them again as long as… Show more
Overcome Nephophobia - Don't be a Shadow IT Ostrich!Every cloud….. When I was much younger and we only had three TV channels, I used to know a lot of Names of Things. Lack of necessity and general old age has meant I’ve now long since forgotten most of them (but thanks to Google, my second brain, I can generally “remember” them again as long as… Show moreInteresting article- I think with more information, a good decision can be made. Perhaps what is needed is more detail about the product, what it saves, how it tracks it, etc. will help the cause? Thanks for the post!
I seem to have an issue where my engines do not always align on the same content update release. Prior to running certain scans I want to ensure all engines have the latest and greatest content and product. What I would like to know is: 1. How can I resolve "partially applied"? AND 2. How can I force a content update to all engines? (either… Show more
I have had some good experiences with using the following under Administration>Console>Administer>Updates>Manual Update: Also, Administration>Engines>Manage>Select engine and click on "Update": I do not know if there is a Linux command like option to do this- perhaps in the security console command line? The think is, if there is an…
I deleted several engines via the nexpose-client ruby gem on one of my consoles, and am now getting hundreds of error messages in my log: 2016-11-01T13:57:57 [ERROR] [Thread: do-message-exchange-10] [EngineID: silo:11] Uncaught exception thrown while exchanging messages: null This does not happen when I delete engines from my other console.… Show more
Thanks Gavin Schneider, the next restart did indeed stop those errors.
In January 2015, Rapid7 worked with Jack Chadowitz and published research related to Automated Tank Gauges (ATGs) and their exposure on the public Internet. This past September, Jack reached out to us again, this time with a slightly different request. The goal was to reassess the exposure of these devices and see if the exposure had changed,… Show more
