This video shows how Jenkins integration works on Rapid7 InsightVM to assess vulnerabilities of Docker Images before they go production which is detailed at https://insightvm.help.rapid7.com/docs/containers-cicd-plugin https://youtu.be/5zjEHBANgbg
Posted by Omer SEN about a year ago
Hi, I'd like to remove all the assets associated with a tag in Nexpose using Ruby client. But the assets are not being cleared after saving the tag. Any thoughts? tag = Nexpose::Tag.load(connection,tag_id) puts tag.associated_asset_ids // Lists all the asset ids tag.associated_asset_ids.clear puts tag.associated_asset_ids // It is empty tag.save(connection) Also, I'd like to know if it's a good practice to always delete the tags (maybe 2K) and create new ones on daily basis?
Posted by Anvesh Samineni about a year ago
Dear Team, Greetings! We are new to Insight. The plan is to install Linux_Insight_Agent.zip as shared by our client and here is the zip content. -agent_installer.sh -cafile.pem -client.crt -client.key -config.json I have been going through your website to understand the process. However I had below questions. Q1) The current linux server version does not seem to be matching with what you mention in your website, so can we really proceed with the Linux_Insight_Agent setup as mentioned above? our server shows this version [wcsadmin@sit-wcs-01 bin]$ uname -r 3.10.0-514.2.2.el7.x86_64 which is not matching with yours mentioned in https://insightagent.help.rapid7.com/docs/operating-system Q2) It was told to disable auditd service in Linux? Will it not impact the existing linux applications? I see this is already installed in our machines at /var/log/audit (hope this is one? also please let us know how can we disable that) Q3) Should we install the insight Agent as root user or a separate use has to be created or can we use one of existing users like wcsadmin? Q4) Are we supposed to take any backup files on servers before proceeding with installation? Q5) Please brief the procedure of testing after the installation process. Please explain the entire process clearly so that we don't run into issues. Expecting your valuable reply at the earliest. Thank you very much. Best Regards, MuraliKrishna
Posted by MuraliKrishna about a year ago
How can i tell if it is working, i have used netstat and found multiple things running on 0.0.0.0:3790 127.0.0.1:3790 etc thus i assume it is running furthermore which browsers should i try, so far i habe used chrome thanks
Posted by not a chancw about a year ago
Hi Team I am new to Rapid 7 / Nexpose Vulnerability tool Is there any way I can get the Vulnerability report by each application wise counts like Windows 2008 - 200 Vuln count - ( 50 Low, 125 - Medium and 25 HIgh severity Windows 2012 - 175 Vuln count ( ||) Windows 2003 - Adobe reader Adobe flash Adobe coldfusion MS outlook IIS MS office etc.
Posted by Vishu Kumar about a year ago
I have created "SCAP Compatible XML Export template" report and when i tried to download the report and saved as XML. Its downloading with no tag. Previously we use to get the report with tag. Is there anything missing and how to troubleshoot on this issue.
Posted by Sandoss Kumar about a year ago
Hi, I am using Kali Linux in Virtualbox I do following commands use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_http set LHOST 10.0.2.15 set LPORT 8080 exploit After that, only I get this: http://prntscr.com/kvedxl The payload handler not starting. Any advice.. Thank you!
Posted by emo about a year ago
Hello, I was wondering if it's possible to retrieve the Authentication results from a scan, Currently, the only way that I have been able to find how to look at it is through the web GUI. Any help in this would be greatly appreciated. Also, another question that is associated to this is how to get more information about the scan like the GUI displays when a scan is completed, addresses scanned, Hostnames and Operating system. Thank you, Matt
Posted by Matthieu Dalcourt about a year ago
A couple thousand InsightVM agents started to report incorrectly. They are still showing them checking in, but all the data the agents bring back is blank. every field in the console is blank. and the risk score is zero, Which I know is wrong. They all started around the same time. Things we have tried: disable all security applications, remove all updates from PC that happened during that time. stop/start agent. deleted agent.jobs.tem_realtime.json and snapshots. Looked at network traffic (even though it is still communicating.) What else can we try to get these working again?
Posted by Tanner Porath about a year ago
Hello, The Assets on the Asset Page aren't equaling the same amount as the assets on the default asset card. Does anyone know why that would be? Also how does one change the aging process to remove stale assets automatically? Thanks in advance
Posted by Chris Finch about a year ago
I'm getting an error "Failed while connecting to discovery center" when attempting to create a discovery connection with a vcenter 6.5 host. I have tried it with multiple hosts. I can't find any logs on the nexpose server that provide any insight into why this is failing. I need help!!! Is there any place I could get better logs as to why this is failing. I have already verified that I have connectivity to the server over port 443.
Posted by Chad S Lorch about a year ago