A two-day interactive class covering advanced topics for extending and integrating the Nexpose Vulnerability Management System, as well as techniques for analyzing the wealth of data the product provides.

The course can be presented in a virtual classroom, which is staged on a Rapid7 remote-lab, or on-site in your training facility.

What is the course content?

  1. SQL Query Reports – Attendees will be exposed to the underlying reporting data model and learn to create custom queries for export
  2. NexposeAPI – Attendees will be exposed to Nexpose automation capabilities using the API, and will learn to interact with the API to perform routine tasks.
  3. Scripting with the Nexpose Ruby Gem – Attendees will learn the basics of Ruby scripting and how to leverage the Nexpose Gem to automate routine tasks and extend functionality.
  4. Nexpose Best Practices – Attendees will learn tips and tricks to tune and optimize Nexpose to achieve the best performance and results.
  5. Advanced Troubleshooting – Attendees will learn the various ways to troubleshoot Nexpose issues.

 


Course Agenda

The course includes a combination of lecture, demonstrations, and lab exercises giving the learner the opportunity hear, see and engage in activities.

Day 1

  • Site Strategy BestPractices
  • AssetGroup Best Practices
  • RealContextBestPractices
  • Boolean Logic with Dynamic Asset Groups and Asset Tags
  • Tuning the PostgreSQL Database
  • Tuning Scan Templates
  • Advanced Troubleshooting/Diagnostics
  • Intro/Overview to SQL
  • Understand the Nexpose Reporting Data Model
  • Manipulate data with Pivot Tables and Charts

Day 2

  • API Architecture and Requirements Perform the following tasks through the API:
    • Authenticate to the API
    • Perform a Site Listing
    • Initiate a Scan on a Site
    • Logout of the API
  • Overview of the Nexpose Gem and Documentation
  • Object Oriented Programming Overview
  • Anatomy of a Script
  • Ruby Basics
Geared toward a more technical audience, this hands-on training session is perfect for individuals who have been supporting Nexpose for sometime,those tasked with supporting 3rd-party product integrations or customers needing a deeper understanding of Nexpose data.

Prerequisite

Ideally, attendees should have experience with the following:

  • Nexpose Certified Administrator course
  • Basic understanding of Database Management Systems (DBMS)
  • Basic understanding of Structured Query Language (SQL)
  • Basic understanding of programming/scripting logic and concepts
  • Prior experience writing scripts,helpful (preferablyRuby)

Singapore

  • 23 - 24 Nov 2017