InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats. The Feb. 3 release of InsightVM and Nexpose (version 6.6.63) includes a beta version of the Metasploit Remote Check Service, bringing Metasploit check method capabilities to Linux-based Scan Engines to enhance their remote vulnerability coverage capabilities.
The Metasploit community is well-known and highly regarded within the security space for being a community of experts. With this feature, Rapid7 is bringing this expertise to Linux Scan Engines.
Many vulnerabilities that can be exploited by Metasploit are low-hanging fruit for hackers and script kiddies. With the Metasploit Remote Check Service, your Scan Engines will be more capable of identifying these.
You don't have to worry about Metasploit running potentially harmful exploits against your endpoints; the Scan Engine will only ask it to perform safe checks. There is no ability to deliver offensive payloads.
Getting started with the Metasploit Remote Check Service is easy—simply run a console command once, and it leverages existing scan engines already deployed in your environment. For information on how to enable this beta feature, please see the product documentation
Windows Engine Support
Due to limited support of Metasploit on Windows, in this initial beta release we have focused on adding support for Linux Scan Engines only.
If you are only using Windows engines but you would like to try the Metasploit Remote Check Service feature, you may wish to try using the vulnerability scanning metasploit remote check service release
){kind=link}