Access your Pro+ Content below.
Metasploit Project acquisition ups ante for penetration testing market
This article is part of the Information Security magazine issue of November 2009
There's a little bit of Marty Roesch in HD Moore. When you hear Moore tell his story of spending long hours, literally and figuratively in his basement, pounding out the Metasploit penetration testing framework, you can't help but think you've heard this tale before. And that's because you have, from Roesch the man who wrote Snort in the bowels of his Maryland home, after hours, on weekends and during any other spare moment he had. Both of these guys put in a lifetime's worth of sweat and tears into their respective pet projects. Both built enormously popular and influential security programs. Both decided to share the labor of their love with the world by putting Snort and Metasploit out there as open source. And it's not a stretch to think the safety of many of the world's most critical IT systems is due in some part to these very different tools. Oct. 21 marked the end of an era when vulnerability management vendor Rapid7 announced it had acquired the Metasploit Project and framework. Metasploit was one of the few open source...
Features in this issue
Spam, phishing and infected attachments continue to plague messaging platforms, despite sophisticated protection. What's the answer?
Rapid7's acquisition of the Metasploit Project takes down one of the few remaining open source security projects. But expect a smooth transition; there have been many success stories and mistakes made to learn from.
Enterprises can no longer differentiate between insiders and external threats. That's such a 2003 paradigm.
Unmanaged changes to IT systems and networks can recklessly increase risk to enterprises. The key is rolling out an accepted change management process, and sticking to it.
Columns in this issue
Safeguarding your organization against a H1N1 outbreak should be a top priority.
Security experts Bruce Schneier and Marcus Ranum debate the longterm viability of antivirus software.
The checklist approach to security is easy, but the result is poor security.