News & Events

2007 Press Releases

PDF Version

Carnegie Mellon University Selects Rapid7’s NeXpose for its Broad Asset Protection and Centralized Risk Monitoring, Ensuring Campus-wide Security

NeXpose Meets Leading Technology School’s Requirements for Vulnerability Scanning, Co-Development and Higher Education Experience

Boston - May 8, 2007 - Rapid7 today announced that Carnegie Mellon University, a global research university recognized for its unparalleled technology programs, has selected the NeXpose award-winning vulnerability management solution for securing its campus-wide systems and networks. NeXpose will enable Carnegie Mellon to perform extensive scanning, conduct more centralized monitoring and effect root cause analysis.

"As we tested NeXpose, we found that the product’s evolution mapped to our needs, which we attribute to Rapid7's responsiveness to our input as well as its experience in the higher education industry," stated Mary Ann Blair, director of information security at Carnegie Mellon. "NeXpose offers exactly what we sought in terms of feature sets, such as support for Linux, a secure Web interface and the ability to create and export customized reports. NeXpose became even more attractive with the introduction of its PCI compliance capabilities."

The NeXpose features Carnegie Mellon found most prominent are its open API architecture, its asset groupings and the access controls with those assets.

"With the open API, we will have the ability to write our own software to manipulate NeXpose and create, for example, auto provisioning accounts and access controls," stated Jason Carr, security engineer at Carnegie Mellon. "The asset groups with access control will enable us to allow many users to view their machines and reports without having access to other machines they don't own."

Carnegie Mellon has a history of valuing collaborative teamwork, and for that reason the degree of partnership formed with Rapid7 has made an impression.

"We had the option of building our own vulnerability scanning system, but the opportunity to partner is much more important and mutually beneficial," stated Blair. "Rapid7's ability to listen and work with us was a differentiator. The company brings not only an understanding of our organization and a commitment to network security, but with the integration of NeXpose with our environment, we will now possess a world-class vulnerability detection system."

Based in Pittsburgh with locations in Silicon Valley, CA and around the world, Carnegie Mellon and its Software Engineering Institute are the home of the CERT® Coordination Center, which researches and reports on security vulnerabilities on the Internet and in networked systems. CERT's 2006 presentation, "Vulnerability Discovery: Bridging the Gap Between Analysis and Engineering," advocates a proactive rather than a reactive approach to vulnerability detection to achieve confidence in networked systems.

About Carnegie Mellon University

Carnegie Mellon is a private research university with a distinctive mix of programs in engineering, computer science, robotics, business, public policy, fine arts and the humanities. More than 10,000 undergraduate and graduate students receive an education characterized by its focus on creating and implementing solutions for real problems, interdisciplinary collaboration, and innovation. A small student-to-faculty ratio provides an opportunity for close interaction between students and professors. While technology is pervasive on its 144-acre campus, Carnegie Mellon is also distinctive among leading research universities for the world-renowned programs in its College of Fine Arts. For more, see www.cmu.edu.

About Rapid7 NeXpose

The award-winning Rapid7 NeXpose Unified Vulnerability Management (UVM) is an all-in-one security solution that scans networks, Web applications, databases, to locate threats, assess their risk to the environment, devise a remediation plan and implement the ticketing process. NeXpose incorporates an expert system to build a knowledge base of facts on the environment it explores and model potential targeted attacks to expose all existing threats. NeXpose provides robust reporting capabilities that ensure compliance with governmental regulations, corporate security configuration policies, and the PCI Data Security Standard. NeXpose is available as a "plug and play" appliance, downloadable software, or an On-Demand hosted solution.

About Rapid7

Rapid7 is the leading provider of unified vulnerability management and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment.  Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC.  Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits.  To obtain a free download of NeXpose or Metasploit, please visit http://www.rapid7.com/resources/free-downloads.jsp.

For more information, visit www.rapid7.com.

 

Awards
inc500 Award Logo inc500 Award Logo 2009 Redherring Winner Logo 2009 Best Prodcuts Logo 2009 Tomorrow Tech Logo 2009 GPE Awrads Logo Finalist Hot Companies 2009 Logo Rapid7 Star100 Revised Graphic SC Award Nominee 2008 Nominee 2008 Global Exeellence SC Awards 2007 Finalist Hot Companies of 2007 Customer Trust Logo Hot Company 2006 Logo SC 2006 Awards Winner
Most Read
Most Downloaded
Press Releases