News & Events

2009 Press Releases

PDF Version

Norwich University Deploys Rapid7 For Increased Network Visibility And Reduced Risk

Military College uses Rapid7 NeXpose to Eliminate 1,500 Vulnerabilities in its Complex IT Infrastructure

Boston - January 20, 2009 - Rapid7, the leading provider of Unified Vulnerability Management solutions, today announced that Norwich University has deployed Rapid7 NeXpose for increased network visibility and, in the process, eliminated 1,500 vulnerabilities throughout its large and growing IT infrastructure. Today, the university consistently uses NeXpose to scan for, and, importantly, prioritize network threats, validate policy levels and discover software vulnerabilities on its servers and operating systems.

Norwich University is the first private military college in the United States and the birthplace of the nation’s ROTC program.  The university’s comprehensive computer infrastructure includes dorm rooms outfitted with wired and wireless connections, and a recently overhauled, fully redundant campus-wide wireless network. While this redundancy offers maximum flexibility, it also means that there are twice as many network intrusion points, increasing Norwich’s network risk profile. 

Norwich University turned to Rapid7 to gain more visibility into their risk, scan all critical assets for vulnerabilities and prioritize threats for mitigation.  Within the first day of deployment, Norwich University IT administrators were able to scan their entire network, including all servers, networks, databases and Web applications.  Rapid7 NeXpose’s first scan identified some 3,000 network vulnerabilities and ranked each based on its threat level and impact.  Starting with the most critical issues, the IT staff was able to eliminate more than 1,000 of the vulnerabilities within the first month, eradicating another 500 by the close of the second.

“Our infrastructure is complex and continuing to grow,” said Jeremy Wood, information security analyst at Norwich University.  “Because of its size, we did not have complete visibility into our environment, and, it was also difficult to complete manual audits of our infrastructure for the in-depth analysis we needed to manage our risk.  Rapid7 provides a complete risk profile for our entire environment and then prioritizes which vulnerabilities need to be addressed immediately.  We’ve significantly reduced our number of vulnerabilities and increased our efficiency.”

As a result of the success with in-depth network scanning and the product’s capability, today NeXpose is being used across the IT department to consistently scan all of the university’s systems, including its Windows and Linux operating systems.  Norwich University is also using NeXpose to test its security policies and identify violations, such as guessable passwords, file permissions, and audit which accounts are available on each system.

“There are increasing statistics showing that educational institutions make up a large percentage of total data breaches each year.  To truly reduce risk and increase security, every organization must start with a risk profile to understand vulnerabilities in their IT infrastructure and know how to act on each,” said Mike Tuchen, president and chief operating officer at Rapid7.  “We’re pleased that Norwich University turned to Rapid7 and was able to greatly minimize vulnerabilities and risk so that it can continue to offer next-generation technology to its students and staff.”

According to the Identity Theft Research Center, a non-profit organization that has been tracking security breaches for the past three years, 20 percent of all disclosed 2008 data breaches occurred in the education sector.  With the number of attacks and vulnerabilities clearly on the rise, Norwich University has taken a big step toward security by joining other educational institutions deploying NeXpose to better understand their vulnerabilities and reduce risks. 

About Rapid7

Rapid7 is the leading provider of unified vulnerability management and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment.  Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC.  Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits.  To obtain a free download of NeXpose or Metasploit, please visit http://www.rapid7.com/resources/free-downloads.jsp.

For more information, visit www.rapid7.com.

 

Awards
inc500 Award Logo inc500 Award Logo 2009 Redherring Winner Logo 2009 Best Prodcuts Logo 2009 Tomorrow Tech Logo 2009 GPE Awrads Logo Finalist Hot Companies 2009 Logo Rapid7 Star100 Revised Graphic SC Award Nominee 2008 Nominee 2008 Global Exeellence SC Awards 2007 Finalist Hot Companies of 2007 Customer Trust Logo Hot Company 2006 Logo SC 2006 Awards Winner
Most Read
Most Downloaded
Press Releases