October 26, 2016

Rapid7 and Modulo Partner to Bring Rich VulnerabilCompliance Data to Leading GRC Solution

Rapid7®, the leading provider of unified vulnerability management and penetration testing solutions, and Modulo, a leading provider of enterprise governance, risk and compliance (GRC) solutions, announced a technology integration that enables global customers to better manage their organizations’ risk by automating the collection and analysis of security intelligence across IT assets. Critical vulnerability, misconfiguration and policy violation data identified by Rapid7 NeXpose® scans can then be assessed, prioritized and remediated by Modulo Risk Manager™ NG to centrally manage, track and report security and compliance risks and make more informed business decisions.

Rapid7 NeXpose is the only integrated vulnerability management solution that allows organizations to manage network, operating system, Web application and database security strategies. Additionally, NeXpose is the only vulnerability management solution to use real exploit intelligence to perform risk classification and deliver prioritized remediation reports.

The Modulo Risk Manager NG governance, risk and compliance management solution allows the platform to consistently and repeat-ably demonstrate multi-regulatory compliance, pass demanding audits and reduce security threats before they cause costly damage to the organization – while eliminating duplication of effort through automation. Modulo NG brings together product innovation based on feedback from more than 1,000 customers and 25 years experience in the GRC space. Ease of deployment and use, straightforward integration and a distinctive emphasis on worldwide requirements are a few areas in which Modulo is recognized.


An Introduction to NeXpose Community Edition

Rapid7’s NeXpose is a vulnerability management tool which scans your network and identifies vulnerabilities across a wide range of devices and operating systems. NeXpose uses one of the world’s largest vulnerabilities databases to identify the vulnerabilities on your network.

And the great news is that there is a free community edition. The NeXpose Community Edition is a free, single-user version of NeXpose and is powered by the same scan engine as its big brother NeXpose Enterprise and offers many of the same features. The single biggest limitation is that it only works with up to 32 IP addresses, but this makes it perfect for small organizations or for individual use.

NeXpose Community Edition is available for MS Windows Server 2003 SP2 / Server 2003 R2 and several flavours of Linux including Red Hat Enterprise Linux 5, Ubuntu and SuSE Linux Enterprise Server. Note: There isn’t an official Windows XP version as XP has some limitations with regards to raw sockets which NeXpose needs to perform its scans.

It is also worth noting that NeXpose Community Edition needs 4 GB of RAM (on 32-bit machines) or 8 GB of RAM (on 64-bit machines), don’t try using it without the minimum amount of memory otherwise your machine will start swapping heavily.

Once installed and updated to includ the latest list of vulnerabilities, NeXpose Community Edition offers a comprehensive range of tools for scanning and reporting the vulnerabilities on your network.

Rapid7 have some useful YouTube tutorials here: http://www.youtube.com/user/NeXposeTutorials

Live Hacking V1.2 Released

Dr. Ali Jahangiri, the respected security expert and author, is pleased to announce an update to the Live Hacking CD, a Linux distribution designed for ethical computer hacking. The updated Live CD contains the tools and utilities you need to test and hack your own network in the same way a malicious hacker would. New in this version is the metasploit penetration testing framework and a range of IPv6 foot-printing tools.

The metasploit framework, one of the new tools included with this release, can be used to test your network using the frameworks internal database of known weaknesses and exploits.

As the number of available IPv4 addresses decreases more and more organizations are deploying IPv6. Also included in this new release of the Live Hacking CD is the THC-IPV6 tool, a set of tools to attack the inherent protocol weaknesses of IPv6 and ICMP6.

‘The Live Hacking CD has been an outstanding success’ said Dr. Ali Jahangiri. ‘Now with this new updated version we are putting more tools into the hands of IT professionals so they can defend against the malicious activities of cyber criminals.’

Download Live Hacking V1.2 Here.