Metasploit Pro 4.0 adds support for cloud, SIEM systems

Rapid7 releases Metasploit Pro version 4 with improved automation features and new SIEM and cloud-based pen-testing support.

Metasploit Pro version 4.0 has been launched by Rapid7. The new Metasploit Pro version claims to add support for integration into security information and event management (SIEM) systems, facilitates cloud-based penetration testing (both public and private), as well as integrates better with existing assessment and management tools.

With Metasploit Pro 4.0, Rapid7’s emphasis is on automation of workflow through various deployment models. By reducing the cost and complexity of penetration testing, the developers expect organizations to be able to conduct broader and more frequent security audits. Metasploit Pro 4.0 is based on the open source Metasploit framework.

The new version is touted to integrate with more than a dozen vulnerability management and Web application scanners by linking to existing SIEMs through a documented interface. In addition, it features nine new SCADA exploits and improved 64-bit Linux payloads.

Metasploit Pro 4 can now automate vulnerability verification through a programming interface and XML based reports. FISMA reports can now be used to document compliance and map vulnerabilities to controls. Another new feature is the integration of Rapid7’s NeXpose with Metasploit Pro through documented, supported APIs that facilitate the scheduling of vulnerability scans and retrieval of scan data from decentralized locations running NeXpose.

Metasploit Pro 4 adds support for cloud-based deployments, being available as an Amazon AMI image for Amazon’s EC2 cloud service. Additionally, Metasploit pro is available as a VMware image for data centers provisioned with VMware vSphere. It adds support for deployment on multiple platforms like Windows, Ubuntu and Red Hat Enterprise Linux.

According to Rapid7, Metasploit Pro adds a host of features to make automated pen-testing easier for enterprises through remote control using an RPC API. Support has been added for automated cracking of encrypted passwords offline. Evidence can now be automatically gathered with customizable macros and full reports are now available in an XML formats. The UI is also reported to have undergone significant cosmetic improvements.

Metasploit Pro v4 is expected to be available in August 2011. More information on features and pricing can be found on the Rapid7 website. Rapid7 also offers an entry level solution in the form of Metasploit Express, with a reduced feature set from the professional edition.

Read more on Endpoint security

Data Center
Data Management