December 10, 2016

Rapid7 and Modulo Partner to Bring Rich VulnerabilCompliance Data to Leading GRC Solution

Rapid7®, the leading provider of unified vulnerability management and penetration testing solutions, and Modulo, a leading provider of enterprise governance, risk and compliance (GRC) solutions, announced a technology integration that enables global customers to better manage their organizations’ risk by automating the collection and analysis of security intelligence across IT assets. Critical vulnerability, misconfiguration and policy violation data identified by Rapid7 NeXpose® scans can then be assessed, prioritized and remediated by Modulo Risk Manager™ NG to centrally manage, track and report security and compliance risks and make more informed business decisions.

Rapid7 NeXpose is the only integrated vulnerability management solution that allows organizations to manage network, operating system, Web application and database security strategies. Additionally, NeXpose is the only vulnerability management solution to use real exploit intelligence to perform risk classification and deliver prioritized remediation reports.

The Modulo Risk Manager NG governance, risk and compliance management solution allows the platform to consistently and repeat-ably demonstrate multi-regulatory compliance, pass demanding audits and reduce security threats before they cause costly damage to the organization – while eliminating duplication of effort through automation. Modulo NG brings together product innovation based on feedback from more than 1,000 customers and 25 years experience in the GRC space. Ease of deployment and use, straightforward integration and a distinctive emphasis on worldwide requirements are a few areas in which Modulo is recognized.

Source:[http://www.rapid7.com/news-events/press-releases/2010/2010-modulo.jsp]

Secunia Releases Personal Software Inspector (PSI) Version 2.0

Secunia has released version 2 of its Personal Software Inspector (PSI) application.

According to Secunia, the Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose the PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus and are therefore increasingly “popular” among criminals.

The only solution to block these kind of attacks is to apply security updates, commonly referred to as patches. Patches are offered free-of-charge by most software vendors, however, finding all these patches is a tedious and time consuming task. Secunia PSI automates this and alerts you when your programs and plug-ins require updating to stay secure.

Download the Secunia PSI here.

Source & Screen-shot:[secunia.com]

GFI Software adds vulnerability scanning and security patch management to GFI MAX RemoteManagement

GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced it has added vulnerability scanning and security patch management to GFI MAX RemoteManagement, its award-winning remote management and monitoring solution. Managed Service Providers (MSPs) and IT support companies can now deliver cost-effective patch management to boost profits and reduce security risks for their clients.

GFI MAX RemoteManagement is an IT managed services software solution that makes it easy to stay on top of customers’ servers, desktops, networks, hardware and software with its monitoring and management, inventory tracking and automated server and desktop maintenance tools. Thousands of IT support companies, VARs and MSPs use GFI MAX RemoteManagement to maximize revenues, minimize costs and deliver exceptional customer service. It can be installed and set up in 10 minutes and requires no training, hardware or contractual commitments.

“We know security vulnerabilities remain amongst the most disruptive and damaging types of problem experienced in real-world networks, causing lost time and potentially security breaches to customers. This in turn can soak up large amounts of time remediating the problems and cleaning up the systems. The variety and number of threats continue to increase and it is impractical to manage them without effective tools to automate the process,” said Alistair Forbes, General Manager, GFI MAX.

“To overcome this problem, GFI MAX RemoteManagement now includes the award-winning technology of GFI LANguard™, to provide best-in-class vulnerability scanning and patch management capabilities via GFI MAX RemoteManagement™. This provides an effective and efficient solution not only for Microsoft Windows and Office applications, but also non-Microsoft applications such as Adobe Reader, Adobe Flash Player, Adobe Acrobat, Adobe Shockwave, Mozilla Firefox, Mozilla Thunderbird, Java, Opera and Quicktime.” he added.

With vulnerability and patch management for servers and workstations managed easily through GFI MAX RemoteManagement’s intuitive dashboard, MSPs and IT support companies can deliver a high value service to reduce their customers’ risk of downtime and identify and rectify security holes in their networks by scheduling the installation of security patches. The patch overview report provides a clear and complete summary of how GFI MAX RemoteManagement has helped to ensure these machines are up-to-date and secure.

Patch management in GFI MAX RemoteManagement is priced competitively in relation to standalone products and customers pay only for the devices with patch management enabled. Moreover, for customers already making extensive use of the existing product features, there’s no extra charge to use patch management on servers as it is included in the low capped monthly server price.

More information on GFI MAX RemoteManagement and patch management capabilities can be found here: http://www.gfi.com/it-managed-services-software/features/patch-management.

About GFI MAX RemoteManagement
GFI MAX RemoteManagement delivers an easy, affordable solution for IT support providers, Value Added Resellers (VARs) and Managed Service Providers (MSPs) who are looking to take better care of their clients at less cost. GFI MAX RemoteManagement (RMM) solution includes server, network and workstation monitoring and management, asset tracking, client reporting and remote access.

Source:[gfi.com]

An Introduction to NeXpose Community Edition

Rapid7’s NeXpose is a vulnerability management tool which scans your network and identifies vulnerabilities across a wide range of devices and operating systems. NeXpose uses one of the world’s largest vulnerabilities databases to identify the vulnerabilities on your network.

And the great news is that there is a free community edition. The NeXpose Community Edition is a free, single-user version of NeXpose and is powered by the same scan engine as its big brother NeXpose Enterprise and offers many of the same features. The single biggest limitation is that it only works with up to 32 IP addresses, but this makes it perfect for small organizations or for individual use.

NeXpose Community Edition is available for MS Windows Server 2003 SP2 / Server 2003 R2 and several flavours of Linux including Red Hat Enterprise Linux 5, Ubuntu and SuSE Linux Enterprise Server. Note: There isn’t an official Windows XP version as XP has some limitations with regards to raw sockets which NeXpose needs to perform its scans.

It is also worth noting that NeXpose Community Edition needs 4 GB of RAM (on 32-bit machines) or 8 GB of RAM (on 64-bit machines), don’t try using it without the minimum amount of memory otherwise your machine will start swapping heavily.

Once installed and updated to includ the latest list of vulnerabilities, NeXpose Community Edition offers a comprehensive range of tools for scanning and reporting the vulnerabilities on your network.

Rapid7 have some useful YouTube tutorials here: http://www.youtube.com/user/NeXposeTutorials