3 min
Improving Visibility into your Security Program – the Risk Scorecard Report
One of the most strenuous aspects of managing your security program is
understanding where to focus your time and effort. It can be a challenge to
balance providing consistent progress updates to your stakeholders and working
with your IT teams to prioritize and remediate issues based on the most accurate
data available at that time. Communication is critical, yet how do you know what
to target and how do you share this information with your organization? Nexpose
has the perfect tool to help yo
1 min
Microsoft
Patch Tuesday - August 2014
Microsoft clearly wants everyone to shake off the dog days of summer and pay
attention to patching. This month's advance notice contains nine advisories
spanning a range of MSFT products. We have the ubiquitous Internet Explorer all
supported versions patch (MS14-051), with the same likely caveat that this would
apply to Windows XP too, if Microsoft still supported it. This patch addresses
the sole vulnerability to be actively exploited in the wild from this month's
crop of issues, CVE-201
4 min
IT Ops
JSON logging in Apache and Nginx with Logentries
I’m often asked on calls with our customers what is the preferred format for log
data being sent to Logentries. While we pride ourselves on being the Log Management
tool that is easiest to set up a
4 min
IT Ops
How D3 can help you build effective data visualizations
Data Visualization is the method of consolidating data into one collective,
illustrative graphic. Traditionally, data visualization has been used for
quantitative work, but ways to represent qualitative work have been shown to be
equally powerful. The main goal of data visualization is to communicate
information clearly and effectively through graphical means. That doesn’t mean
that it needs to look boring to be functional or extremely sophisticated to look
beautiful. In order to achieve a bala
2 min
Events
Metasploit Race to Root and Loginpalooza
Race to Root
Unless you've gotten to this blog by freak accident, you are certain to be aware
that next week is Black Hat USA 2014, and of course, we'll be there. You can
find us at Booth #541, where we'll be running the Metasploit Race to Root, using
the latest pre-release build of Metasploit Pro.
Now, this is not just a contest to see who can get their badge scanned the
fastest. Oh no. This is a real, hands-on micro-sized capture the flag
competition, run by our capable and talented in-house
4 min
I don't always write my own web application fingerprints, but when I do, I use XML
One of the awesome things about Nexpose is its extensibility. Nexpose now allows
you to write your own custom web application fingerprints, using a combination
of XPath and regular expressions. Coupled with the ability to add your own
custom checks, this allows you to write your own web application vulnerability
coverage.
This fingerprinting functionality can be used on any web application that
provides its version i
5 min
IT Ops
Smart Continuous Delivery Using Automated Testing
This post is building on a recent post highlighting recommendations on how to
simplify your unit testing by using the right set of tools (Smart Integration
Testing with Dropwizard, Flyway and Retrofit).
As a company like Logentries rapidly
grows, and the number of product features increases, an important question
arises around maintaining the highest level of quality and user experience. That
level is usually where the
2 min
IT Ops
4 Ways to Use Centralized Log Management for Improved Production Monitoring
Is your team focused on preventing outages and minimizing downtime in
production?
Time to resolution is one of the most important operational KPIs for Ops teams,
because any time that your application is down is too long for your users.
Whether it’s minutes, hours, or (in a worst-case scenario) days, any time that
your systems are down, your business is losing money; and more importantly,
customer trust and satisfaction. This creates additional pressure on your team
and hurts employee morale. By
3 min
Nexpose
Microsoft False Positives: "The update is not applicable to your computer"
One of the most common false positive cases we see from a support perspective is
a situation where Nexpose reports a vulnerability because a specific patch is
not installed, but when you try to apply the patch, the system will not let you
install it and says the patch is not applicable.
In many cases, this ends up being caused by another patch that is installed on
the system that prevents the patch you are trying to install from being
installed. Sometimes the patch that is installed and preven
3 min
Events
Weekly Metasploit Update: Countdown to DEFCON
Don't Be (too) Naked in Vegas
Wow, it's exactly two more weeks today until DEFCON. While Rapid7 has had a
vendor presence at Black Hat for many years (at booth #541), this year is, I
believe, the first time that we'll have a vendor table at DEFCON. I'm super
stoked about both gigs, since the Black Hat booth will give us an opportunity to
unload give away a fresh new batch of Metasploit T-Shirt Design contest
3 min
IT Ops
Digging Deeper on AWS: Real-time Alerting for Windows Security Events
After many conversations with our AWS customers and the AWS CloudTrail team, we
recently released our AWS CloudTrail integration to automatically
support the most important log events our customers wanted to be monitoring
across their AWS environments. We found that some of the most common needs for
notifications included:
* Starting, stopping, terminating, rebooting instances
* Creating or deleting security groups
* Creating and d
2 min
IT Ops
Revisiting the Past with Logentries and Syslog
When I was younger I was always amazed by my grandfather. He would regale me
with stories about how, when growing up, not only did he not have a car or
television, but he had to walk up hill “both ways” to get to school – without
shoes! And here I am today more or less saying the same thing about the late
70’s and early 80’s, when the client-server changeover occurred
and we all had servers sitting in our closets. Setting up syslog back in
2 min
IT Ops
AWS CloudWatch Logs - Making Innovation Easier and Cheaper
Last week AWS made an exciting announcement at their NYC Summit, which I believe
is a big step in helping to reduce the cost of log management in the cloud
for end users and vendors alike – good news all around!
What was announced?
Amazon announced ‘CloudWatch Logs’ which essentially allows you to send log data
from your EC2 instances into CloudWatch for storage and some rudimentary
analysis.
How does it work?
CloudWatch logs works by collecting y
3 min
Metasploit
Weekly Metasploit Update: Embedded Device Attacks and Automated Syntax Analysis
D-Link Embedded Device Shells
This week, esteemed Metasploit contributor @m-1-k-3 has been at it again with his
valiant personal crusade against insecure SOHO (small office/home office)
embedded devices with known vulnerabilities. We have a new trio of modules that
target D-Link gear, based on the research released by Craig Heffner and Zachary
Cutlip, which exploit two bugs present in the DSP-W215 Smart Plug, and one UPnP
comma
2 min
Logentries
Logs to Metrics to JSON to Geckoboard
The worlds of log management and application performance monitoring are
evolving and there is no longer a big distinction between the two.
Up to even a year ago, many people in IT viewed logs as simply a means of
identifying and tracking issues once they have occurred within their system. It
was rare that people were using their logs for more than basic application event
tracking and watching for exceptions.
But over the