• eEye’s Metasploit integration – we need more of this!

    14 Jul 2011

    Kudos to eEye Digital Security for integrating Metasploit within their Retina vulnerability scanner. According to this recent press release:

    “Using the free Retina Community scanner or the Retina Network Security Scanner (version 5.13.0 or higher), users can see whether a vulnerability has an associated exploit from Core Impact, Metasploit, or Exploit-db.com, allowing IT Security professionals to better prioritize vulnerabilities and fix the biggest risks first. In addition, if a Metasploit exploit exists, users can right-click to launch Metasploit (3.6.0 or higher) directly from the scanner to perform a penetration test against the targeted host.”

    Thanks for thinking about the workflow of a typical security assessment eEye! I honestly don’t know why it has taken vulnerability scanner vendors so long to get this. I’m convinced that some are completely unaware that such features would be of value.

    So….a tip to other vulnerability scanning vendors out there: Think about how your scanners work through the eyes of security professionals. What are the pain points? What are the inefficiencies and hurdles to do basic tasks? All you have to do is ask people like myself. I’m often willing and able to share many such frustrations and advice. 😉

Resources

view all

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security appsec basics books careers censorship CISO CISSP cities compliance coronavirus covid-19 cybersecurity data breaches hacking Hacking For Dummies heads in sand health incident response information risk keynote speaker leadership macOS networked cameras passwords patching racing resilience Russian hacking SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok time management training vulnerability and penetration testing web security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.

For your convenience I accept