CMIT 321 Ethical Hacking Executive Proposal Free Essay Example, 1250 words

Metasploit Pro closes the gap in vulnerability testing by presenting the risk in an objective way and through collaboration with Nexpose - a vulnerability management solution with the capability to tell the â€Å"who, what and where† of the risk, remediation programs can be prioritized (Rapid7, 2014). Third, Metasploit is used to manage phishing and protect employee credentials. It is recognized that phishing is the third most popular attack vector in a company. There is always a grey area when it comes to an organization measuring and managing phishing exposure and gauging the effectiveness applicable training and technical controls. Metasploit gauges the effectiveness of a security program by conducting simulated phishing crusades to control exposure to phishing attacks. Product reviews, case studies and customer recommendations Metasploit has been tested in a variety of fields, and it is found to be effective. The President of Offensive Security Jim O’Gorman attributed the use of the application to time savings and fewer interruptions in organizational activities. According to him â€Å", Time savings is our prime motivation for using Metasploit Pro (Rapid7, 2014). †Another security consultant, Ben Holder of Lumenate termed Metasploit as a useful software for delivering closed-loop vulnerability reports that facilitate the development of remediation activities. We will write a custom essay sample on CMIT 321 Ethical Hacking: Executive Proposal or any topic specifically for you Only $17.96 $11.86/pageorder now According to Holder, discovery of vulnerabilities is simplified by 70-80% by using Rapid7 products. With respect to phishing capabilities, Metasploit is a great business driver. Tim Pospisil, an IT Security Supervisor at Nebraska Public Power District, commented â€Å"What really facilitate our move to the top were the phishing provisions of Metasploit. .. According to me, that was a critical business drive. (Rapid7, 2014)† during an interview. Personal experiences with Metasploit Having installed the free 14-day trial edition of Metaploit Pro, I realized that the software is far much beneficial than thought. The first feature that was beneficial in my case is the ability to test the network for weak and reused passwords from multiple accounts. This feature is really important in that security professional can detect common employee sources of password cracking synonymous with many organizations. In addition to cracking the operating system accounts, Metasploit Pro can initiate brute force attacks on multiple accounts such as databases, web servers, email accounts and remote administration accounts. This software is advanced in evading detection by common anti-malware solutions.