RealTime IT News

New Metasploit 3.6 Targets Security Compliance

Security vulnerability testing is getting a boost this week with the release of Metasploit 3.6.

Metasploit Pro, the commercial version of the product, now includes new PCI compliance reporting capabilities. There is also a new Project Activity Report, which helps organization manage and track penetration testing activities.

While there have been improvements to the commercial tool, open source users also benefit from some of the work done on Metasploit Pro 3.6

"The work behind the Pro Console actually resulted in major usability improvements to the standard Metasploit Framework console," said HD Moore, chief security officer at Rapid7 and Metasploit's chief architect. "All 64 of the new modules (including 15 exploits) are available in the open source version as well as the commercial products."

Among the new modules are Post-Exploitation modules including the 'loot' system which had previously only been available in the commercial products.

Read the full story at eSecurityPlanet.com:
Metasploit 3.6 Aims for Compliance