back to article Metasploit creator seeks crowd's help for vuln scanning

Security outfit Rapid7 has decided that there's just too much security vulnerability information out there for any one group to handle, so its solution is to try and crowd-source the effort. Announcing Project Sonar, the company is offering tools and datasets for download, with the idea that the community will provide input into …

COMMENTS

This topic is closed for new posts.
Silver badge

No thanks, but good luck

I've tried a few crowd sourced distributed computing projects. Never again unless it's to help stop some kind of E.L.E. The way the programs hog my PC resources is unacceptable.

That said, I do wish them sincere good luck and think they have a good idea.

0
0

Resources?

perhaps if the project could run only at times when the screen saver is active then it may be of more interest.

Pre-assigned functions shouldn't be toooo hard to set up for download for running in the background when other applications are suspended for example with auto-uploads of data when given milestones are reached.

Seem to remember a Climate Change project using distributed crowd resources which did this, even though the actual project had errors... so not beyond the realms of the organisers to provide this option

Looks like a good idea in principle and I wish them luck

0
0
Bronze badge

Google should be providing this information free to registered security researchers. They already have a massive scanning program, and a massive data collection, storage and distribution program. This should be a publlc service from the company.

0
0

Why should they?

Google are a business, a profit-making entity. They can do (and will do) what they want. You want our own Google data? Set up your own Google.

0
0
Bronze badge
Childcatcher

Re: Why should they?

Google should be providing this information free to registered security researchers...

Google are a business, a profit-making entity. They can do (and will do) what they want.

Yes, but there are some pretty compelling reasons for them to provide this service. Most obviously, it is relatively cheap for them to do this sort of thing and it ought to work as advertising for the company as a whole. Increasing the overall security of the online world works in their favor both directly (fewer vectors of attack against them directly) and indirectly (the customers are more likely to spend money on Google's services if the environment in which they operate is more secure). It provides at least the excuse of legitimacy for some of the data gathering they might otherwise be criticized for.

0
0
Silver badge

Re: Why should they?

Internet security, much like public health, is an issue that now has very serious consequences for everyone, including Google.

That's why they should.

0
0
Anonymous Coward

Botnet port and exploit scanner that will defeat any port scanning detecting firewall by using 1 host per port.

Nice, but why dont they just ask the NSA, im sure they have already mapped the entire internet by now... oh wait they dont like to share.

Still a good idea, although its pretty likely botnets have been doing this for ages...!

0
0
This topic is closed for new posts.

Forums