Metasploit Pro will provide user swith a suite of tools that will help enterprise defenders prevent data breaches by efficiently prioritizing vulnerabilities, verifying controls and mitigation strategies, and conducting real-world, collaborative, broad-scope penetration tests to improve your security risk intelligence.
Note: In order to acquire the trial key, users will be required to register here.
Here are some key features of "Metasploit Pro":
- Prevent data breaches:
- Identify critical vulnerabilities that could lead to a data breach so you know what to patch first
- Reduce the effort required for penetration testing, enabling you to test more systems more frequently
- Discover weak trust models caused by shared credentials that are vulnerable to brute forcing and harvesting
- Locate exposed, sensitive information with automated post-exploitation file system searches
- Prioritize vulnerabilities:
- Import vulnerability management reports from more than a dozen third-party applications and verify their findings to eliminate false positives
- Integrate with your in-house Nexpose infrastructure to kick off new scans and access real-time vulnerability findings (requires Nexpose)
- Focus on remediating critical vulnerabilities to reduce exposure and reduce mitigation costs
- Prove exploitability to application owners to expedite remediation
- Verify controls and mitigation efforts:
- Re-run exploits after mitigation to verify its effectiveness in preventing a data breach
- Enable the IT operations team or your client to verify whether controls and mitigations were successful by handing them a replay script that re-traces the steps you took to exploit the vulnerability
- Draw on the Nexpose vulnerability database to read up on ways to remediate vulnerabilities (requires Nexpose)
- Conduct efficient penetration tests:
- While penetration tests are generally accepted as a great way to prevent data breaches, they are so costly that many enterprises can only afford to spot check a few hosts. Metasploit Pro drastically reduces cost by automating penetration testing workflows, enabling team collaboration, and simplifying custom reporting. As a result, it becomes feasible to increase the scope and frequency of penetration tests to better protect against data breaches.
- Automate steps of the penetration testing workflow to increase efficiency, enabling you to test more systems more frequently.
- Test the security of your network devices, desktops and servers, including databases and Web applications.
- Measure your users' security awareness with password audits and social engineering campaigns
- Simulate realistic attacks with the world;s largest database of quality-assured exploits
- Create automated reports to inform stakeholders
- Easily document compliance with PCI DSS and FISMA reports that map findings to controls and requirements
- Ensure HIPAA compliance by protecting ePHI (Electronic Protected Health Information) from "reasonably anticipated threats and hazards"
- Contribute to Sarbanes Oxley compliance by protecting the mandated controls and procedures
- Leverage team members' specialties and consolidate reports through team collaboration
Requirements:
- 2 GHz+ processor
- 2 GB RAM available (4 GB recommended)
- 500MB+ available disk space
- 10/100 Mbps network interface card
- Mozilla Firefox 4.0+
- Microsoft Internet Explorer 9
- Google Chrome 10+
Limitations in the trial version:
Wednesday, June 11, 2014
.
