Security product provider Rapid7 has forayed into the Middle East market by tying up with Spire Solutions. The vulnerability management solution vendor has recently updated its widely used open-source Metasploit exploitation framework, expanding the software so it supports enterprise IT security staff as well as its core audience of penetration testers.
“Originally the framework was focused on just running exploits. Penetration testers were our core base,” said Glenn Williamson, Rapid7 Regional VP of International Sales, referring to the security professionals who are paid by organizations to break into — and thereby document the weaknesses of — computer systems. “But now we are seeing a huge demand from organisations that just want to put all their existing vulnerability data in one spot and validate all those vulnerabilities.”
The new version, the first major update in more than five years, is the first that offers the ability to capture engagement information in a database, which can then be searched and analyzed with more ease.
The Metasploit Framework is a collection of and execution platform for known software exploits, or code that harnesses, or exploits, security vulnerabilities in software programs for unintended purposes. The framework allows users to string together multiple exploits in order to gain illicit access to a system, replicating actions that would be taken by attackers.