Access "Metasploit Project acquisition ups ante for penetration testing market"
This article is part of the November 2009 issue of How to implement a change management that works and reduces security risks
There's a little bit of Marty Roesch in HD Moore. When you hear Moore tell his story of spending long hours, literally and figuratively in his basement, pounding out the Metasploit penetration testing framework, you can't help but think you've heard this tale before. And that's because you have, from Roesch the man who wrote Snort in the bowels of his Maryland home, after hours, on weekends and during any other spare moment he had. Both of these guys put in a lifetime's worth of sweat and tears into their respective pet projects. Both built enormously popular and influential security programs. Both decided to share the labor of their love with the world by putting Snort and Metasploit out there as open source. And it's not a stretch to think the safety of many of the world's most critical IT systems is due in some part to these very different tools. Oct. 21 marked the end of an era when vulnerability management vendor Rapid7 announced it had acquired the Metasploit Project and framework. Metasploit was one of the few open source security projects still ... Access >>>
Premium Content for Free.
Messaging security risks have upper hand on solutions
Spam, phishing and infected attachments continue to plague messaging platforms, despite sophisticated protection. What's the answer?
Enterprises must treat Insider risk as they do external threats
Enterprises can no longer differentiate between insiders and external threats. That's such a 2003 paradigm.
- Messaging security risks have upper hand on solutions
Metasploit Project acquisition ups ante for penetration testing market
Rapid7's acquisition of the Metasploit Project takes down one of the few remaining open source security projects. But expect a smooth transition; there have been many success stories and mistakes made to learn from.
Integrated change management reduces security risks
by Diana Kelley and Ed Moyle
Unmanaged changes to IT systems and networks can recklessly increase risk to enterprises. The key is rolling out an accepted change management process, and sticking to it.
- Metasploit Project acquisition ups ante for penetration testing market
Time is now for pandemic flu planning
Safeguarding your organization against a H1N1 outbreak should be a top priority.
Schneier-Ranum Face-Off: Is antivirus dead?
Security experts Bruce Schneier and Marcus Ranum debate the longterm viability of antivirus software.
Standards compliance does not equal sound information security risk management
The checklist approach to security is easy, but the result is poor security.
- Time is now for pandemic flu planning
More Premium Content Accessible For Free
Strategies for a successful data protection program
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
Devices, data and how enterprise mobile management reconciles the two
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
Putting security on auto-pilot: What works, what doesn't
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...