First SIEM and penetration testing integration
Posted on 03 August 2011.
NitroSecurity and Rapid7 announced the pairing of NitroSecurity’s NitroView with Rapid7’s Metasploit Pro 4.0 solution, in order to enable security operations managers to identify and validate critical vulnerabilities that could lead to a data breach, and to prioritize their remediation efforts more effectively.

Metasploit Pro addresses the rapidly changing nature of today’s threat landscape by integrating with more than a dozen vulnerability management and Web application scanners, and for the first time, by providing data to NitroView through a documented interface.

It confirms that exposures reported by vulnerability management solutions exist and verifies whether a reported vulnerability is actually exploitable, reducing false positives and identifying issues that truly pose a data breach risk. The integration of the two solutions enables security teams to spend less time fixing unimportant vulnerabilities and to have an effective way to verify that remediation was successful.

By deploying Metasploit Pro with NitroView, security operations teams also benefit from a SIEM with real-time incident response capabilities. As Metasploit Pro validates the most pressing vulnerabilities, NitroView is able to analyze them within the full context of network and event activity – up to and including full application content awareness. This provides precise and actionable intelligence to fix vulnerabilities and rapidly respond to incidents.

Based on the well-known open source penetration testing framework, Metasploit Pro can also report on zero-day exploits that are not yet covered in vulnerability management solutions. Recent examples include the Stuxnet vulnerabilities, where Metasploit Pro was able to provide comprehensive and accurate detection immediately following the outbreak of attacks.

NitroView also helps organizations to proactively detect risks and threats through advanced analytics, dynamic activity baselining, and the NitroRSC risk correlation technology.






Spotlight

Why IT security is broken and how math can save it

Posted on article.php?id=2107  |  Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //