Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/16/2012
04:26 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rapid7 Announces 3 New Magnificent7 Sponsorships

Magnificent7 Program supports innovative open-source projects in the security industry

Rapid7, the leading provider of security risk intelligence solutions, today announced that it has selected three new open source projects for the Magnificent7 Program, which supports innovative open source projects in the security industry. John the Ripper, Ghost and Buttinsky will all be supported in the second round of the program, which starts immediately. The three projects will receive financial support as well as technological, business, and marketing mentoring and expertise. Ghost and Buttinsky were chosen due to their fresh approaches to critical and underdeveloped security sectors. John the Ripper's inclusion in the program builds on Rapid7's previous support of the project, which resulted in a major technology update in 2011 and integration with the Metasploit Framework.

The Magnificent7 Program was created with a view that in the increasingly complex security landscape, open source projects can represent the best of community collaboration and deliver innovative solutions to solve very real security challenges. Rapid7 is committed to supporting these projects so they can grow and make a greater impact for more organizations. The first two projects supported by Magnificent7 – Androguard and Cuckoo Sandbox – have both released updated versions since their inclusion in the program in March 2012.

The open source projects being supported in the second round of Rapid7's Magnificent7 Program are:

John the Ripper

Rapid7 first partnered with John the Ripper – the most widely-used open source password cracking and auditing tool – in 2011, when it supported a development project that delivered a 17% improvement in gate count for the Data Encryption Standard (DES) Algorithm. Its inclusion in the Magnificent7 Program builds on this relationship, enabling core developer Alexander Peslyak to enhance parallel and distributed processing support for John the Ripper.

"Being selected for the Magnificent7 Program builds on an already-productive working relationship with Rapid7," said Alexander Peslyak, founder and core developer of John the Ripper. "There's clear demand for better parallel and distributed processing support in John the Ripper as this will enable users to more easily and effectively utilize a larger amount of computing resources. This development has consistently stayed on the back burner, but the funding from Magnificent7 will change that!"

Ghost USB Honeypot

Ghost, led by Sebastian Poeplau, is a targeted honeypot for USB malware that functions by emulating a USB flash drive to bait, detect and collect information from infected systems allowing security practitioners to protect enterprise sized networks. With Magnificent7 support, Poeplau hopes to discover preventative measures to complement the reactive functionality of the current product.

"I'm very excited that Ghost was accepted for the Magnificent7 Program. Working with Rapid7 is a great opportunity to make the project available to a wide audience and implement a lot of exciting new features," said Sebastian Poeplau, lead developer of Ghost. "I'm particularly honored to find Ghost in the company of excellent projects such as Cuckoo Sandbox and Androguard."

Buttinsky

Lead developers, Patrik Lantz and Lukas Rist, will build a comprehensive botnet monitoring tool from scratch by combining the approaches and goals of Lantz's and Rist's existing botnet tools, Hale and WSBS, respectively. Eventually Buttinsky will integrate HPFeeds to receive sandbox data analysis, and will utilize behavior analysis to avoid detection and learn about command infrastructure.

"Botnet monitoring is a crucial part of threat analysis, but is often neglected due to the lack of proper tools," said Patrik Lantz, lead developer of Buttinsky. "The Magnificent7 Program will generate great visibility for this project to become widespread, and provide us with technical support that will aid us towards a final product that incorporates the functionality needed in the community."

If you have an innovative open source project that addresses a problem in the security space, Rapid7 would like to hear from you! Please see the Magnificent7 submission guidelines for details.

About Rapid7

Rapid7 is the leading provider of security risk intelligence. Its integrated vulnerability management and penetration testing products, Nexpose and Metasploit, and mobile risk management solution, Mobilisafe, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are used by more than 2,000 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by the more than 175,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner®, Forrester® and SC Magazine. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4682
PUBLISHED: 2021-01-28
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.
CVE-2020-4888
PUBLISHED: 2021-01-28
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker co...
CVE-2020-13569
PUBLISHED: 2021-01-28
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can...
CVE-2021-20620
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621
PUBLISHED: 2021-01-28
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.