Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Rapid7
Company size (employees)800
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

- Vulnerability prioritization based on real risk: Nexpose is the only solution that looks beyond the common CVSS score of a vulnerability to help you understand how easily an attacker can use the vulnerability to breach your network. We take into account malware exposure, available exploits (via our ownership of the Metasploit Framework) and the age of a vulnerability to give you a risk score of 1-1000, the most granular in the industry, and make sure you’re prioritizing the most weaponized vulnerabilities first. We also make it easy to add business context to specific assets, so your most critical systems are automatically prioritized at the top of remediation reports.

- Helping build an integrated security program: With an open API and an engineering team dedicated to building integrations, Nexpose helps you feed your attack surface data into your other security tools, enabling your overall program to be more efficient and your other products to be more valuable. With our own services team, we’re committed to helping clients build out and customize their own use cases with Nexpose so that the data that Nexpose collects can be used in innovative ways outside of the product

- Making it easier for security teams to work with operations: With our asset tagging and dynamic asset groups, we make it easier to slice and dice your data and ensure that your operations team gets only the information relevant to their systems. Our Top Remediations Report provides a simple, short and to the point plan for exactly what needs to be fixed to have the biggest impact on your risk and how to fix it. This reduces the friction that often occurs between security teams and operations teams, ensuring that issues are fixed quickly and seamlessly


Data breaches are growing at an alarming rate. Your attack surface is constantly changing, the adversary is becoming more nimble than your security teams, and your board wants to know what you are doing about it. Nexpose gives you the confidence you need to understand your attack surface, focus on what matters, and create better security outcomes.
Know Your Weak Points:
You can’t reduce risk if you can’t find, validate, and contextualize it. Nexpose dynamically discovers your complete attack surface and finds vulnerabilities you are missing today across your network, endpoint, virtual, and cloud environments. Understand your threat exposure by integrating directly with Metasploit, the world’s most widely used exploitation framework, to test if your vulnerabilities can be exploited and if your compensating controls are deployed successfully. Contextualize the findings to get a true picture of your risks as they align to your modern digital business.
Prioritize What Matters Most:
It’s impossible to remediate every risk. With Nexpose, the highest risks are prioritized using threat intelligence aligned with what’s important to your business, and what vulnerabilities are most likely to be used in a real attack. Focusing your remediation efforts on taking the most impactful actions will allow you to reduce the most risk with the least amount of effort and keep your IT focused.
Show Your Program’s Development:
You need to prove that your decisions, in fact, are reducing risk. Nexpose allows you to easily see your risk level changing based upon your remediation efforts. Compare different IT remediation teams against each other to understand where you should spend energy and budget. Ensure you are compliant to both internal and external requirements for your vulnerability and risk management program.