
About Rapid7

December 6, 2016 by Irfan Shakeel

Rapid7 is a well-known security solution provider devoted to providing services and products to protect against, detect and respond to security incidents. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner, Forrester and SC Magazine. Rapid7 offers a lot, from incident detection and response to threat management and advisory services, and it provides different layers of security covering network security, application security, operations and analysis, and compliance.

While safeguarding us from the significant risk that comes with pervasive interconnectivity, Rapid7 is known for the products it provides to address security flaws in many areas. Rapid7's IT security solutions deliver visibility and insight that help you make informed decisions, create credible action plans, and monitor progress. By uniquely combining contextual threat analysis with fast, comprehensive data collection across users, assets, services, and networks, Rapid7 simplifies compliance and risk management at a glance.

Other areas where Rapid7 provides its services include:

Nexpose - Vulnerability Management:

Nexpose is one of the leading vulnerability management and assessment tools. To prevent security breaches, it is important to identify and remediate security holes and vulnerabilities that can expose an asset to an attack. For this, Nexpose vulnerability management is used. It identifies the active services, open ports, and running applications on each machine and it attempts to find vulnerabilities that may exist based on the attributes of the known services and applications.

Nexpose helps us prioritize vulnerabilities based on risk and determine the most effective solution to implement. Rapid7's other tools integrate easily with Nexpose to enhance its results and extend its uses; for example, Nexpose can be integrated with Metasploit Pro to provide a vulnerability assessment and validation tool that eliminates false positives, verifies vulnerabilities, and tests remediation measures.

Metasploit – Penetration Testing:

Metasploit is the most impactful penetration testing solution available today. With it, we can uncover weaknesses in our defenses, focus on the highest risks, and improve our security outcomes. It has been used for penetration testing, IDS signature development, and exploit research, providing useful information to the people who perform penetration testing.

Metasploit evades leading anti-virus solutions 90% of the time and enables you to completely take over a machine you have compromised, with over 200 modules. Metasploit also allows us to pen-test our network for weak and reused passwords.

AppSpider – Application Security:

AppSpider is designed for modern application security. Rapid7 is devoted to providing enhanced products and services that address different levels of security separately, and AppSpider lets you collect all the information needed to test all your apps so that you aren't left with gaping application risks.

AppSpider crawls in the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster.

Rapid7 provides various other solutions and products as well to ensure customers' satisfaction with their security. Rapid7 delivers advanced analytics that allow security, IT, and operations to collaborate effectively to analyze risk, detect attacks, prioritize remediation and much more, measure the impact of their actions, and respond at the moment of impact.

In addition to its various products and services, Rapid7 also offers certifications through its specialized product-oriented courses. These certifications are designed to represent a proven level of knowledge and use of Rapid7's products or of penetration testing techniques. They help customers ensure that employees are best prepared to install, configure and operate Rapid7 solutions, as well as demonstrate their ability to conduct advanced penetration tests.

Currently, Rapid7 has the following certifications with more on the way:

  • Nexpose Certified Administrator
  • Nexpose Advanced Certified Administrator
  • Metasploit Pro Certified Specialist

Nexpose Certified Administrator:

Nexpose Certified Administrator is an introductory Nexpose course that teaches the basic methodologies, installation, configuration, operation and administration of Nexpose. It starts with vulnerability management methodology to give the attendee a refresher in the basic concepts and covers the workflow of a standard vulnerability management program.

The topics covered in Nexpose Certified Administrator include:

  • Introduction to Nexpose
    • What is Nexpose and what are the main product components?
  • Install
    • Requirements and recommendations
    • Installing a console
    • Installing and pairing a scan engine
  • Operate
    • Getting Started with the console
    • Viewing results
    • Setting up sites
    • Running manual scans
    • Reporting on the environment
  • Administration
    • Managing users, roles, and permissions
    • Managing scan credentials
    • Tuning scans
    • Creating custom report templates
    • Managing users
    • Creating custom scan and report templates

Nexpose Advanced Certified Administrator:

Nexpose Advanced Certified Administrator is an advanced course for Nexpose Certified Administrators who want to specialize further in Rapid7 products. It covers advanced topics including the Nexpose API, SQL Query reports, scripting with the Nexpose Ruby Gem and advanced troubleshooting, as well as Nexpose best practices.

Like Nexpose Certified Administrator, Rapid7's Nexpose Advanced Certified Administrator also includes a combination of lecture, demonstrations, and lab exercises, giving the learner the opportunity to see and engage in activities.

The topics covered in Nexpose Advanced Certified Administrator include:

  • SQL Query Reports
  • Nexpose API
  • Scripting with the Nexpose Ruby Gem
  • Nexpose Best Practices
  • Advanced Troubleshooting
  • Site Strategy Best Practices
  • Asset Group Best Practices
  • Real Context Best Practices
  • Boolean Logic with Dynamic Asset Groups and Asset Tags
  • Tuning the PostgreSQL Database
  • Tuning Scan Templates
  • Advanced Troubleshooting/Diagnostics
  • Intro/Overview to SQL
  • Understand the Nexpose Reporting Data Model
  • Manipulate data with Pivot Tables and Charts
  • API Architecture and Requirements
  • Perform the following tasks through the API:
    • Authenticate to the API
    • Perform a Site Listing
    • Initiate a Scan on a Site
    • Logout of the API
  • Overview of the Nexpose Gem and Documentation
  • Object Oriented Programming Overview
  • Anatomy of a Script
  • Ruby Basics

Metasploit Pro Certified Specialist:

The Metasploit Pro Certified Specialist course is for professionals who are experts in penetration testing; it is a jumpstart course that teaches the use of Metasploit Pro. The course is completely dedicated to teaching you Metasploit Pro from the beginning to make you a specialist.

This course is designed to take you from the beginner level through the logical steps, including creating a project, host discovery, service port and operating system identification, various methods of exploitation, evidence collection, and the creation of various reports. A series of lab exercises is also included to give you hands-on experience.

The topics covered in Metasploit Pro Certified Specialist include:

  • Metasploit Pro Introduction
  • A Discussion of Workflow And Methodology
  • Navigating the GUI
  • Metasploit Tasks
  • Discovering Targets
  • Importing Scan Data
  • An Overview of Exploits Modules
  • Basic Exploitation Techniques
  • Password Brute force Exploitation Technique
  • Pass-The-Hash Exploitation Technique
  • Pivot Attacks
  • An Overview of Payload Modules
  • An Overview of Command Shell/Meterpreter Payloads
  • Post-Exploitation Techniques
  • Maintaining Access and Privilege Escalation
  • Web Application Testing/Exploitation
  • Demonstration of Metasploit Social Engineering Campaign
  • Quick Start Wizards and Meta-Modules
  • Reporting

Rapid7 provides virtual classes for certifications, which are hosted in a Rapid7 lab and delivered remotely. They culminate in several exercises where users can apply their learning in a fun, yet educational, simulation against multiple scenario-driven target environments.

Rapid7 Certification Exam Details:

  • Rapid7 certifications are taken online at the student's convenience and are an open-book format.
  • Exam purchase is good for one (1) exam attempt.
  • The exam is 2 hours in length.
  • Once the exam begins, students may not pause or stop the exam.
  • The passing score is 80% or higher.
  • Attendees who attain a passing score will be able to print a certificate of completion.

Rapid7 is highly focused on providing services and products to ensure the confidentiality of information. Rapid7's services and products are widely used in the market and have almost become a standard. To maintain its products' performance and to provide high-end services, many certificates have been introduced, and many more are in the process of being launched soon. This will help both customers and Rapid7 work towards securing information in a more specialized and managed way.


Irfan Shakeel is the founder & CEO of ehacking.net, an engineer, penetration tester and security researcher. He specializes in network and VoIP penetration testing and digital forensics. He is the author of the book titled “Hacking from Scratch”. He loves to provide training and consultancy services and works as an independent security researcher.