Additional Info

CompanyRapid7
Websitehttp://www.rapid7.com
Company size (employees)850
Type of solutionHybrid

Overview

Nexpose vulnerability management software monitors exposures in real time and adapts to new threats with fresh data. Nexpose is designed to easily and quickly scan anything with an IP address for vulnerabilities. It does so from a single, unified scan with built-in discovery that identifies the assets on the network across on-premise, cloud and virtual infrastructures. Nexpose can be deployed virtually, with hardware, software or as a managed service, and goes beyond simply identifying vulnerabilities accurately to also make it easy for users to identify what needs to be fixed first, and by whom.

Rapid7’s research team supports Nexpose, providing constant intelligence on new vulnerabilities and integrating the intelligence into the product as fast as possible.

Nexpose helps companies identify risky assets they may not be aware of through integrations with Forescout and its Adaptive Security capabilities by detecting when a new asset joins the network. Through integration with Rapid7’s Project Sonar, customers are also able to gain an outsider’s view of their internet-facing assets. Nexpose also integrates with more best-of-breed technologies than any other scanner, including McAfee ePO™ and McAfee DXL™, allowing security tools to talk to and increase the value of each other.

Nexpose provides an actionable 1-1000 risk score, which evaluates a vulnerability’s age, the exploits that are available for it, and the malware kits that use it. This helps prioritize highest risk vulnerabilities and focus on what matters.

Finally, Nexpose streamlines Remediation Workflow to provide IT and the C-suite with the data they need, and tracks progress in real time. With its customizable dashboard, users can see how security is improving in critical areas and where resources are needed. Rather than create a 1,000-page static report, Nexpose provides a step-by-step guide on what to fix first, tailored to get only the information relevant to that user.

How we are different

Nexpose is all about finding vulnerabilities by collecting the right data, prioritizing threats based on attacker mindset and business context, and then enabling security teams to remediate the vulnerabilities more quickly. This product deserves recognition for the following reasons:


● Nexpose’s features serve a huge return on investment in the form of saved man hours and efficiency. The Nexpose Real Risk Score moves past CVSS-only methods and incorporates vulnerability age and ease of exploitation to help teams focus on the vulnerabilities most likely be used in an attack. Customers have saved, on average, more than 40 man hours a week on their vulnerability management process. One customer, MCPHS, stated in a case study that Rapid7 saved the organization close to 140 man hours of work.


● Nexpose streamlines Remediation Workflow to provide IT, management and the C-suite with the data they need, and tracks progress of each fix in real time to validate upon completion. The product makes it easy for technical teams to communicate security to non-technical business stakeholders. With its customizable dashboard and reports, business owners can see at a glance how security is improving in their critical areas and where more resources are needed. Its Liveboard metrics and analytics engine that shows real-time risk and custom views for everyone from system admins to the CISO.


● Nexpose also integrates with more best-of-breed technologies than any other scanner, allowing all your security tools to talk to and increase the value of each other.