Rapid7 has released a new version of its exploit discovery program, Metasploit Pro 4.5, which now includes specialized abilities to emulate social engineering attacks, popularly known as "phishing." Rapid7's efforts are designed to help security solution and service specialists understand the most significant points of exploitation within a given network while simultaneously educating users about the inherent risks.
Rapid7 asserts that phishing is the "initial attack vector" for many data breaches today, and that many phishing attacks are derived straight from e-mails and unscrupulous "social engineering campaigns." As such, Metasploit Pro has been built to run such social engineering campaigns within a controlled environment.
Metasploit can start with phishing e-mails. Should an employee fall for this "simulated" attack, they will be directed to a "security awareness" area, where they can learn from their mistake and understand how phishing works. Simultaneously, the platform can detect whether the employee's browser is exposed to browser-based exploits, which allows IT to identify insecure software and patch it.
Once the initial campaign has started, Metasploit Pro can provide feedback and metrics on risk per user, including statistics on click-throughs per e-mail and how many systems could have been compromised as a result.
Metasploit 4.5 can also take things deeper. Fake websites can be set up to simulate an actual attack, and Metasploit makes this easy to do. Simply point Metasploit at the URL to fake, such as a bank website or even an internal company landing page, and the program will "clone" the site to capture all user input. Metasploit 4.5 will also create "malicious files [for] USB drives" which can then be left "as bait." This helps network assessment professionals determine threat vectors, the points of entry for the most common threats, and, subsequently, which employees need further training.
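As an added illustration (not Rapid7's code and not real Metasploit Pro output), here is how the campaign metrics described above, click-through rate per e-mail, a risk score per user and the set of systems a browser exploit would have reached, can be derived from a constructed campaign event log; the log format, event names and risk weights are assumptions made for this example.

```python
from collections import defaultdict

# Constructed campaign event log (not real product output).
# Each line is "<email_id>,<user>,<event>", where event is one of:
#   sent       - simulated phishing e-mail delivered to the user
#   clicked    - user followed the link
#   submitted  - user entered input on the cloned landing page
#   exploited  - browser-exploit check succeeded against the user's system
#   trained    - user reached the security awareness page
EVENTS = """\
mail-1,alice,sent
mail-1,bob,sent
mail-1,carol,sent
mail-1,bob,clicked
mail-1,bob,submitted
mail-1,bob,trained
mail-1,carol,clicked
mail-1,carol,exploited
mail-2,alice,sent
mail-2,bob,sent
mail-2,alice,clicked
mail-2,alice,trained
"""

# Assumed weights: the worst action a user took per e-mail counts.
RISK_WEIGHT = {"clicked": 1, "submitted": 3, "exploited": 5}

def parse_events(text):
    """Parse the log into (email_id, user, event) tuples, skipping blank lines."""
    rows = (line.strip() for line in text.splitlines())
    return [tuple(r.split(",")) for r in rows if r]

def email_click_rates(events):
    """Click-through rate per e-mail: distinct users who clicked / distinct users sent."""
    sent, clicked = defaultdict(set), defaultdict(set)
    for email_id, user, event in events:
        if event == "sent":
            sent[email_id].add(user)
        elif event == "clicked":
            clicked[email_id].add(user)
    return {e: len(clicked[e]) / len(sent[e]) for e in sent}

def per_user_risk(events):
    """Risk score per user: worst weighted action per e-mail, summed over e-mails."""
    worst = defaultdict(dict)
    for email_id, user, event in events:
        w = RISK_WEIGHT.get(event, 0)
        worst[user][email_id] = max(worst[user].get(email_id, 0), w)
    return {u: sum(v.values()) for u, v in worst.items()}

def compromised_hosts(events):
    """Users whose system the browser-exploit check could have compromised."""
    return sorted({user for _, user, event in events if event == "exploited"})
```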
The big push for this approach is that Rapid7 believes there is simply not enough security awareness. Thus, Metasploit Pro is being positioned as both an educational training tool and a specialized network security assessment platform. Partners ready to take action can check out a free trial of Metasploit 4.5. Prices were not disclosed, but those ready to take the plunge should look at Rapid7's reseller and managed security services programs.
Worth noting: Rapid7's methods, while powerful, may be unsettling or even unorthodox for some organizations. Be sure that a business understands this method of network assessment, as it could draw concern and criticism from C-level executives and employees alike.
However, consulting acumen paired with powerful networking tools makes a good combination for channel partners hungry for opportunity. Rapid7's Metasploit package easily complements any existing network security service and can be an on-ramp for partners taking their first steps into security services. Channelnomics believes that network assessment services can provide the foundation for a broader services portfolio, helping solution providers drive additional revenue while expanding their consulting practices.
Short and sweet: partners not offering some level of assessment services are missing out.