Results 1 to 2 of 2

Thread: Rapid7 Releases nexpose+metasploit community edition

  1. #1
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default Rapid7 Releases nexpose+metasploit community edition

    Saw this news pop up all over Twitter last night.

    Confidence, Integrity and Immediate Availability « Rapid7 Network Security Blog

    Quote Originally Posted by rapid7



    For those who have been wondering what we’ve been up to, we are pleased to announce the immediate availability of NeXpose Community Edition.

    Community Edition is an important part of our commitment to say what we mean and to do what we say we’re going to do. When we made the Metasploit announcement, there was much speculation about metasploit joining the Rapid7 family and what this means for the community. In some cases, people have understandably expressed concerns about the open source future of the project. There have even been questions about Rapid7’s broader commitment to the community. With the Metasploit announcement, we assured the community that the Project would remain open source. NeXpose Community Edition is an important part of our commitment to the community and raising the bar for the right reasons.

    Sincere thanks to all of those within Rapid7 and throughout our network who provided valuable guidance and feedback. We could not have done this without your help.

    We’re confident that you’ll like what you see in NeXpose Community Edition. Here is a quick snapshot of what is included:

    • Out-of-the box Metasploit integration
    • Coverage for more than 11,000 vulnerabilities with nearly 40,000 vulnerability checks included
    • Targeted coverage for Operating Systems, Network Devices, Web Server infrastructure, and Database Platforms (up to 32 IPs).
    • Regular, automatic vulnerability coverage updates
    • 24 hour or less delivery of new vulnerability checks following Microsoft Patch Tuesday
    • Prioritized risk assessment – identifies risk based upon how the vulnerability in one system affects another.
    • Remediation guidance and Vulnerability descriptions
    • Accurate scan results – use of the expert system to provide the same precision and accuracy as NeXpose Enterprise
    • Extensive community support – provides knowledge exchange via full access to the Rapid7 Community Portal at http://community.rapid7.com.
    • Simple deployment – easily deploys as a software solution on laptops and desktops.
    • No cost start-up security solution – provides a free entry-level vulnerability management solution.

    So check it out and let us know what you think. Download is available at: NeXpose Community Edition Download | Rapid7
    Thoughts? Personally I think it is a ballsy move on their part. Christ Gates in his twitter feed last night said that Core Security was freaking out:

    http://darkreading.com/vulnerability...leID=222000147
    Quote Originally Posted by Core Security
    Metasploit's commercial rival Core Security says its integration with vulnerability scanning is well established, and a healthy separation between pen testing and vulnerabilty scanning should be maintained. "You still need the separate data," says Fred Pinkett, vice president of product management for Core Security. "A pen-testing tool only covers a certain number of remotely exploitable things, so you need that vulnerability scanning data you still need to do those scans and understand what that data is telling you" about what's exploitable, he says.
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  2. #2
    Moderator
    Join Date
    Jan 2010
    Posts
    167

    Default

    great news ... thx for sharing this!

    m-1-k-3

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •