
Rapid7 Nexpose

Product
Developers: Rapid7
Last Release Date: 2020/10/26
Technology: Network Health Monitoring (monitoring of the network or managing the health and performance of IT infrastructure), Firewall


Nexpose is a general-purpose vulnerability scanner from the company Rapid7.

2020: Vulnerability discovered that allows unauthorized access to resources and data

Positive Technologies announced on October 26, 2020 that its expert Mikhail Klyuchnikov had discovered a vulnerability in Rapid7 Nexpose that allows attackers with low privileges in the system to gain unauthorized access to resources and data. The vulnerability is present in the Security Console component in version 6.6.48 and below.

Nexpose is a vulnerability management tool that lets companies quickly discover gaps in the protection of their infrastructure.

Vulnerability CVE-2020-7383 allows an SQL injection attack, so an authenticated attacker can gain access to some of the data stored in the database. That data may include information on discovered vulnerabilities, completed scans and policies. SQL injection can also be used to carry out DDoS attacks on the database, which disrupts normal operation of the web interface.

"This vulnerability allows an authenticated attacker to gain access to some of the data stored in the database, to modify it or to add entries," says Mikhail Klyuchnikov. "And the flaw can be exploited even with low privileges in the system, which gives access to data that users with that level of rights should not see."

The vulnerability received a score of 6.5, which corresponds to medium severity. The developer of Nexpose, Rapid7, has published updates in which the error is fixed.

2016: Rapid7 Nexpose certified for compliance with FSTEC requirements

Following the tests, Rapid7 received certificate of conformity No. 3550, confirming that the Rapid7 Nexpose software meets the requirements of its specifications and is a tool for analyzing the security of information that does not constitute a state secret.

Rapid7 Nexpose is intended for data protection and can be used by organizations to scan for vulnerabilities and make informed risk management decisions, ensuring that their information systems comply with regulatory requirements.

2015

FSTEC of Russia certification testing

On October 27, 2015 it became known that the Federal Service for Technical and Export Control (FSTEC of Russia) had decided on June 11, 2015 to carry out certification of a batch of Rapid7 Nexpose software.

The certification tests of Rapid7 Nexpose are to verify compliance with the requirements of the specifications, the main one being the requirement to detect vulnerabilities in various software. The tests will be carried out by the testing laboratory NGO Echelon Ltd, accredited by FSTEC of Russia.

Alexander Barabanov, director of the certification and testing department at NGO Echelon Ltd, noted: "About 10% of the information security products offered in Russia have undergone FSTEC certification. The developer's decision to submit the Rapid7 Nexpose vulnerability scanner for certification will allow it to demonstrate the product's compliance with FSTEC of Russia requirements and thereby increase trust in it from the Russian information technology market. Upon successful completion of certification, end users of the product will be able to ensure that their information systems comply with regulatory requirements."

Nexpose capabilities

There are different editions of Nexpose aimed at different kinds of companies. The free edition is intended for small companies or personal use (up to 32 IP addresses).

System capabilities

  • Network and operating system scanning
    • More than 54,500 different checks against a database of 14,000+ vulnerabilities;
    • Low false positive rate;
    • High scanning speed;
    • Ability to perform safe checks without disrupting network operation;
    • Detection of vulnerabilities depending on the installed operating system (OS);
    • Detection of vulnerabilities based on the installed OS updates;
    • Vulnerability scanning for a large number of software and hardware products: Windows, Unix, Cisco, Adobe, etc.

  • Web application scanning
    • Checks for SQL Injection, Directory Traversal, Parameter Manipulation;
    • JavaScript analysis (web browser emulation);
    • Identification of all types of XSS vulnerabilities, including DOM XSS.

Screenshot of application window, 2014

  • NeXpose Expert System technology
    • Building vulnerability chains;
    • Deep scanning;
    • Finding hidden vulnerabilities;
    • Confirming that an exploit exists for a vulnerability.

Vulnerability remediation plan

  • NeXpose uses elements of artificial intelligence to classify risks, support informed decisions and focus resources on remediating the most critical vulnerabilities;
  • NeXpose generates a vulnerability remediation plan based on risk level.

  • Powerful reporting system
    • Preconfigured templates with different levels of detail for technical specialists, managers and board members;
    • Custom report templates;
    • Export to popular formats.

  • Ease of management
    • Intuitive Nexpose web interface (Rapid7);
    • Flexible configuration of the interface according to requirements (PCI DSS, HIPAA, FISMA, SOX 404, GLBA);
    • Centralized management;
    • Workflow automation: scheduled task execution, user notification, report generation and mailing.

Screenshot of application window, 2014

  • Extended architecture
    • Client-server architecture lets NeXpose work in both small and large companies;
    • Delivered in several form factors: as software or as a hardware appliance;
    • Open and documented API for integration with other products.