Search Results

Understanding the reporting data model: Facts | Nexpose Documentation

Each fact table provides access to only information allowed by the configuration of the report. ... Similarly, only assets within the scope of the report configuration are made available in the fac...

Understanding the reporting data model: Functions | Nexpose Documentation

To ease the development and design of queries against the Reporting Data Model, several utility functions are provided to the report designer. ... Data model 2.0.0 exposes information about linking...

Working with reports | Nexpose Documentation

You may want any number of people in your organization to view asset and vulnerability data without actually logging on to the Security Console. ... For example, a chief information security office...

Understanding the reporting data model: Dimensions | Nexpose Documentation

Data model 2.0.0 exposes information about linking assets across sites. ... All previous information is still available, and in the same format. ... As of data model 2.0.0, there is a sites column ...

Working with risk trends in reports | Nexpose Documentation

Working with risk trends in reports ... Risks change over time as vulnerabilities are discovered and old vulnerabilities are remediated on assets or excluded from reports. ... As system configurati...

Performing filtered asset searches | Nexpose Documentation

When dealing with networks of large numbers of assets, you may find it necessary or helpful to concentrate on a specific subset. ... The filtered asset search feature allows you to search for asset...

Report templates and sections | Nexpose Documentation

Use this appendix to help you select the right built-in report template for your needs. ... You can also learn about the individual sections or data fields that make up report templates, which is h...

Apache Struts (CVE-2017-5638) | Nexpose Documentation

To scan for and report on the Apache Struts (CVE-2017-5638) vulnerability, you can use any scan template that includes the Web Spider, such as the Full Audit, HIPPA Compliance, Internet DMZ Audit, ...

Authenticated Discovery Scans | Nexpose Documentation

Scan template configurations now support an authentication feature for asset discovery. ... Enable this authentication feature on your discovery scan templates to improve operating system, software...

Detect the Spring4Shell vulnerability | Nexpose Documentation

Detecting Spring4Shell ... You can scan your environment for the Spring4Shell vulnerability with a customized scan template and quickly determine and report on impact using the Specific Vulnerabili...

Apache Log4j | Nexpose Documentation

This guide walks through detecting and reporting on CVE-2021-44228. ... The same steps can be used for additional checks related to Log4Shell such as CVE-2021-45046 and CVE-2021-45105. ... Rapid7's...

Configuring Web spidering | Nexpose Documentation

Web Spidering is no longer supported ... On September 18, 2024, the Web Spidering option within scan templates was deprecated. ... Web Spidering analysis will no longer take place and, as a result,...

Scanning for specific vulnerabilities | Nexpose Documentation

Given their level of risk, high-profile vulnerabilities in your network are often best addressed with custom scan templates and reporting methods. ... See the following articles for scanning and re...

Scanning a load balancer | Nexpose Documentation

This guide explains why scanning through a load balancer is not recommended. ... Examine the following figures and steps to accommodate scanning when a load balancer is deployed in your environment.

Site Detail View | Nexpose Documentation

You can open a site’s detail view by clicking on the name link of any site in your “Sites” table from the Home tab of the Security Console. ... Site detail views contain a variety of site data poin...

Creating a logon for Web site session authentication with HTTP headers | Nexpose Documentation

When using HTTP headers to authenticate the Scan Engine, make sure that the session ID header is valid between the time you save this ID for the site and when you start the scan. ... For more infor...

Measuring scan performance and time | Nexpose Documentation

You can edit the scan template to change scan performance and time. ... In the example above, that scan template will require 19 hours to complete. ... So, if you need a scan to complete in a 4 hou...

Deleting sites | Nexpose Documentation

To manage disk space and ensure data integrity of scan results, administrators can delete unused sites. ... By removing unused sites, inactive results do not distort scan results and risk posture i...

Creating a logon for Web site form authentication | Nexpose Documentation

Start the configuration for the HTML form authentication: ... If you create a logon while configuring a new site, click the Create site button on the Home page. ... OR Click the Create tab at the t...

Running a manual scan | Nexpose Documentation

Start a manual scan for a site ... Scans inspect potential points of exploitation on a site or network to identify possible security risks. ... While the scheduled scan feature should be utilized f...