Risk
10/16/2012
04:26 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Rapid7 Announces 3 New Magnificent7 Sponsorships

Magnificent7 Program supports innovative open-source projects in the security industry

Rapid7, the leading provider of security risk intelligence solutions, today announced that it has selected three new open source projects for the Magnificent7 Program, which supports innovative open source projects in the security industry. John the Ripper, Ghost and Buttinsky will all be supported in the second round of the program, which starts immediately. The three projects will receive financial support as well as technological, business, and marketing mentoring and expertise. Ghost and Buttinsky were chosen due to their fresh approaches to critical and underdeveloped security sectors. John the Ripper's inclusion in the program builds on Rapid7's previous support of the project, which resulted in a major technology update in 2011 and integration with the Metasploit Framework.

The Magnificent7 Program was created with a view that in the increasingly complex security landscape, open source projects can represent the best of community collaboration and deliver innovative solutions to solve very real security challenges. Rapid7 is committed to supporting these projects so they can grow and make a greater impact for more organizations. The first two projects supported by Magnificent7 – Androguard and Cuckoo Sandbox – have both released updated versions since their inclusion in the program in March 2012.

The open source projects being supported in the second round of Rapid7's Magnificent7 Program are:

John the Ripper

Rapid7 first partnered with John the Ripper – the most widely-used open source password cracking and auditing tool – in 2011, when it supported a development project that delivered a 17% improvement in gate count for the Data Encryption Standard (DES) Algorithm. Its inclusion in the Magnificent7 Program builds on this relationship, enabling core developer Alexander Peslyak to enhance parallel and distributed processing support for John the Ripper.

"Being selected for the Magnificent7 Program builds on an already-productive working relationship with Rapid7," said Alexander Peslyak, founder and core developer of John the Ripper. "There's clear demand for better parallel and distributed processing support in John the Ripper as this will enable users to more easily and effectively utilize a larger amount of computing resources. This development has consistently stayed on the back burner, but the funding from Magnificent7 will change that!"

Ghost USB Honeypot

Ghost, led by Sebastian Poeplau, is a targeted honeypot for USB malware that functions by emulating a USB flash drive to bait, detect and collect information from infected systems allowing security practitioners to protect enterprise sized networks. With Magnificent7 support, Poeplau hopes to discover preventative measures to complement the reactive functionality of the current product.

"I'm very excited that Ghost was accepted for the Magnificent7 Program. Working with Rapid7 is a great opportunity to make the project available to a wide audience and implement a lot of exciting new features," said Sebastian Poeplau, lead developer of Ghost. "I'm particularly honored to find Ghost in the company of excellent projects such as Cuckoo Sandbox and Androguard."

Buttinsky

Lead developers, Patrik Lantz and Lukas Rist, will build a comprehensive botnet monitoring tool from scratch by combining the approaches and goals of Lantz's and Rist's existing botnet tools, Hale and WSBS, respectively. Eventually Buttinsky will integrate HPFeeds to receive sandbox data analysis, and will utilize behavior analysis to avoid detection and learn about command infrastructure.

"Botnet monitoring is a crucial part of threat analysis, but is often neglected due to the lack of proper tools," said Patrik Lantz, lead developer of Buttinsky. "The Magnificent7 Program will generate great visibility for this project to become widespread, and provide us with technical support that will aid us towards a final product that incorporates the functionality needed in the community."

If you have an innovative open source project that addresses a problem in the security space, Rapid7 would like to hear from you! Please see the Magnificent7 submission guidelines for details.

About Rapid7

Rapid7 is the leading provider of security risk intelligence. Its integrated vulnerability management and penetration testing products, Nexpose and Metasploit, and mobile risk management solution, Mobilisafe, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are used by more than 2,000 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by the more than 175,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner®, Forrester® and SC Magazine. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.