BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Right-click Metasploit Integration

Posted July 12, 2011    Marc Maiffret

At eEye we have been continuing an aggressive release schedule of major product updates that simplify your vulnerability management and compliance process. One of the ways that we continue to simplify vulnerability management is through new capabilities and reporting that allow for better prioritization of vulnerabilities from an overall risk management perspective.

While other products continue to lock IT folks into ‘one size fits all’ processes around vulnerability management, we are striving to give you all the information you need to make better educated decisions on how you want to manage vulnerabilities and risk within your business. There is no one right way to manage a vulnerability nor is there one risk score for a vulnerability that maps equally to all companies. Context is key.

In continuing to provide extra flexibility to make better vulnerability management decisions based on how your IT process works, and not how your vulnerability management software wants to force your IT process to work, we are happy to announce right-click Metasploit integration.

As most of you know, we have had integration between both the free and commercial version of Metasploit for data importing for a while now. Thanks to the great work of our friends on the Metasploit Framework team, you are able to import Retina vulnerability scan data directly into Metasploit to then launch exploits against vulnerabilities that Retina discovered. This is in the same way that you can also import Retina scan results into Core Security’s Core Impact product for exploit testing.

We decided to take our integration with Metasploit even further by giving Retina Network customers, and users of our free scanner Retina Community, the ability to right-click on a vulnerability within Retina and launch any applicable Metasploit exploit that might exist. This now creates a dual channel ability by which you can use the free version of Metasploit to either import Retina data into Metasploit to launch applicable exploits or to directly launch Metasploit exploits from within Retina itself. All you need is Retina and Metasploit installed on the same system. We take care of the rest.

eEye’s Director of Product Management, Morey Haber, has put together a video to show this new integration and just how straight forward it is.

This is only the beginning of what we have in store for leveraging the free version of Metasploit to harness its exploit testing capabilities to be at the fingertips of Retina commercial and free Retina Community users. Stay tuned for a lot more integrations with Metasploit free and improvements on top of this first “right-click to exploit” integration release.

As always exploits are far from an exact science and when it comes to prioritizing your vulnerabilities you cannot discount a vulnerability simply because an exploit framework failed to properly exploit a vulnerability. There are many factors that can cause an exploit to fail and also plenty of times where an exploit framework will simply not have an exploit for a vulnerability even though attackers in the wild do.

For example Metasploit free only had exploit coverage for roughly 9% of all Microsoft vulnerabilities in 2010. There is always going to be a gap between the thousands of malicious attackers and their exploit toolkits and what a commercial company can develop with tens of employees. The non-exact science of exploit reliability and incomplete coverage of exploits to vulnerabilities are two factors to keep in mind when thinking about how to prioritize your vulnerabilities.

Stay tuned as we have some more major product announcements in the works that build upon both this integration and show brand new ways of helping you prioritize your vulnerability management process.

P.S. eEye will be sponsoring and exhibiting at this year’s Black Hat conference in Las Vegas. We hope to catch up either at our booth or the craps table. You can find out more here: http://www.eeye.com/fearnot

Leave a Reply

Additional articles

CyberResiliency

6 things I like about Gartner’s Cyber Resiliency Strategy

Posted August 27, 2015    Nigel Hedges

There were 6 key principles, or recommendations, that Gartner suggested were important drivers towards a great cyber resiliency posture. I commented more than once during the conference that many of these things were not new. They are all important recommendations that are best when placed together and given to senior management and the board – a critical element of organisations that desperately need to “get it”.

Tags:
,
powerbroker-difference-1

Why Customers Choose PowerBroker: Flexible Deployment Options

Posted August 26, 2015    Scott Lang

BeyondTrust commissioned a study of our customer base in early 2015 to determine how we are different from other alternatives in the market. What we learned was that there were six key differentiators that separate BeyondTrust from other solution providers in the market. We call it the PowerBroker difference,

Tags:
, ,
Mac-Security-Enterprise

On Demand Webinar: Security Risk of Mac OS X in the Enterprise

Posted August 20, 2015    BeyondTrust Software

In the last several years, Mac administrators have come to realize that they may be just as vulnerable to exploits and malware as most other operating systems. New malware and adware is released all the time, and there have been serious vulnerabilities patched by Apple in the past several years, some of which may afford attackers full control of your systems.

Tags:
, ,