All Posts

3 min IT Ops

Build your own SMS Alerts--Logentries and Clickatell Combined!

This is a guest blog post by Jason Ruane, the technical director at Moposa, a place for brides and grooms to plan and manage their wedding. In this post, Jason describes how he used Logentries webhook alerts and Clickatell to receive Logentries alerts via SMS. Jason and his team are long-time users of Logentries, analyzing all their logs from multiple servers in one centralized, cloud location. How I receive my Logentries

2 min Nexpose

Bulk Asset Delete Operations via the Asset Filter Page

The latest release of Nexpose allows a user to delete multiple assets at once via either the site page or the asset group listing page. However, if a user needs to delete a range of assets which aren't represented by an existing site or group, he can use the Asset Filter page to build a query and then define an asset group through which the bulk delete operation can be invoked. Clicking on the Asset Filter button will bring up a new page that allows you to build an Asset Filter query that can

3 min IT Ops

How to Best Structure your Logs: Log Analysis Tips and Best Practices with Gal Segal from eToro

This week we have a guest blog post by Gal Segal. Gal is an engineer at eToro, the world's Largest Social Trading & Investment Network. In this post Gal shares his thoughts on log analysis best practices including tips on how best to structure your logs as well as some useful patterns that can be applied within your log events. He also discusses how to use Logentries’ new log search functionality to more easily

7 min Nexpose

Asset Discovery Troubleshooting Guide

This guide is designed to show you how to determine the cause of and solution to the most common difficulties experienced during asset discovery in Nexpose. The following common issues will be covered here: 1. None or only a few assets are found to be alive 2. Scan appears to hang or is taking too long after finding live assets 3. Incorrect number of open ports on one or more assets. After reviewing the issue that applies to your scan, head down to the end of this guide for detailed troubles

7 min Nexpose

Simplifying Security Programs with Nexpose 5.7

We are pleased to announce the next version of Nexpose, version 5.7. This release focuses on helping to provide context on how well your Security Program is performing and helping you simplify your vulnerability management processes to help you save time. The last release of Nexpose, Nexpose 5.6, introduced the new Top Remediation

7 min

Metasploit 4.7's New MetaModules Simplify Security Testing

Even when offensive security techniques have been publicly discussed at conferences and proof of concept code or open source tools are available, using them in your projects can be very time consuming and may even require custom development. Metasploit Pro 4.7 now introduces MetaModules, a unique new way to simplify and operationalize security testing for IT security professionals. MetaModules automate common yet complicated security tests

2 min Metasploit

Metasploit Design Contest: So Much Win!

You may recall that back in May, we announced a Metasploit design contest to commemorate 10 years of Metasploit -- and now, it's time to announce the (many) winners! Once again, the open source security community has blown me away with your creativity, dedication, and subversive humor. We had a total of 118 designs (most of which did not suck!) from 55 designers. Not bad for a nearly completely hashtag-driven contest! In

2 min Rapid7 Perspective

If you can't explain it simply, you don't understand it well enough

You may have heard “If you can't explain it simply, you don't understand it well enough.” This is a quote attributed to Albert Einstein that I immediately thought of when I read about the newly-published risk metrics findings of the Ponemon Institute study The State of Risk-Based Security Management. Of the 1,320 IT and security professionals surveyed, 59% said that security metrics information is too technical to be understood by non-technical management. Really!? There's not a single thing as

2 min Microsoft

Patch Tuesday - July Edition!

This month's Patch Tuesday is the polar opposite of last month's ho-hum, here-we-go-again-with-the-patches exercise. There are 7 advisories and 6 of those are critical issues allowing remote code execution. Basically everything in the core Microsoft world is affected by one or more of these, every supported OS, every version of MS Office, Lync, Silverlight, Visual Studio and .NET. It's going to be a busy time for security teams everywhere. For the first time ever Microsoft is addressing a singl

2 min Nexpose

Assessing risk using Security Intelligence

Robert Lemos wrote an interesting article about how CVSS alone does not necessarily give you enough information for effective remediation prioritization. Adding context about which vulnerabilities are being exploited easily using known exploits provides a much better way of determining whether or not a given asset is at risk from a real attack. Quoting the research completed by Luca Allodi and Fabio Ma

6 min Metasploit

Good Exploits Never Die: Return of CVE-2012-1823

According to Parallels, "Plesk is the most widely used hosting control panel solution, providing everything needed for creating and offering rich hosting plans and managing customers and resellers, including an intuitive User Interface for setting up and managing websites, email, databases, and DNS." (source: Parallels). On Jun 05 kingcope shocked the Plesk world by announcing a new 0 day which could allow for remote command execution: Accordi

3 min Metasploit

Metasploit Update: Those Sneaky IPMI Devices

IPMI, in my network? This week's update features a set of tools for auditing your IPMI infrastructure. "Phew, I'm glad I'm not one of those suckers," you might be thinking to yourself. Well, the thing about IPMI (aka, the Intelligent Platform Management Interface) is that it's just a skootch more esoteric than most protocols, and even experienced server administrators may not be aware of it. Do you use server hardware from IBM, Dell, or HP? Have you ever had to use IBM's Remote Supervisor adapte

3 min

Introducing RiskRater - a free tool for benchmarking endpoint, mobile and user risk management programs

Introductions After lurking for a little while, I'm starting to write on SecurityStreet today in order to introduce RiskRater, a tool we've been working on recently. RiskRater is an interactive free tool designed to give security professionals a quick snapshot of how they are doing in terms of their security controls for endpoints, mobile devices and user-based risk. What Does RiskRater Do? We frequently hear from security professionals that they are under consta

13 min Metasploit

A Penetration Tester's Guide to IPMI and BMCs

Introduction Dan Farmer is known for his groundbreaking work on security tools and processes. Over the last year, Dan has identified some serious security issues with the Intelligent Platform Management Interface (IPMI) protocol and the Baseboard Management Controllers (BMCs) that speak it. This post goes into detail on how to identify and test for each of the issues that Dan identified, using a handful of free security tools. If you are lo

3 min IT Ops

Customer Spotlight with Adept Mobile: Ever wonder how the New England Patriots/Miami Dolphins/Boston Celtics handle website demand capacity

We’re launching a new customer Q&A series, where we chat with our customers about how they’re using log data, their technology stack, and their overall industry insights. We love talking to our users, because we always learn something new – and we’d like to share those insights with you. In our first interview, we caught up with Craig Heneveld, Director of Technology at Adept Mobile in Boston, to talk about the development challenges and successes of bringing