• Nexpose
  • Overview
  • Features
  • Architecture & Open API
  • Try NeXpose
  • Buy NeXpose
  • System Requirements
  • Vulnerabilities Tested
  • NeXpose Information
• Solutions
  • Unified Vulnerability Management
  • Web Application VA
  • Database VA
  • Network & OS VA
  • Compliance Scanning
• Services
  • PCI Compliance Testing
  • Penetration Testing
  • Web Application Security Audits
  • Best Practices Consulting
  • Social Engineering
  • CISSP Seminar
  • NeXpose Training
• Support
  • NeXpose FAQ
  • System Requirements
  • Support Form
  • Vulnerabilities Tested
  • Customer Center Login
• Security Center
  • Advisories
  • Vulnerabilities Tested
  • Compliance
  • White Papers & Articles
  • SSHredder Test Suite
• Company
  • Management
  • Customers
  • Partners
  • Press Room
  • Events
  • Contact
  • Careers
• Customers

• Overview
• Features
  • Accurate Scan Results
  • Asset Groups
  • Ticketing
  • Risk Analysis
  • Policy Checking
  • Auto-Update
  • Customizable Reports
  • Hosted Scanning
  • Deployment Options
• Architecture & Open API
• Try NeXpose
• Buy NeXpose
• System Requirements
• Vulnerabilities Tested
• NeXpose Information
• NeXpose FAQ

Of further interest:

• White paper - NeXpose Vulnerability Management
• NeXpose Datasheet

NeXpose Risk Analysis

What is driving demand for vulnerability assessment products is the increasing amount of federal regulation, including the Health Information Portability and Accountability Act (HIPAA), the Graham-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act. These regulations require companies to put a plan and process in place that identifies how the company is complying with the regulations - in other words keeping healthcare information secure (HIPAA), managing the financial information of public corporations (SOX) and protecting clients personal financial information (GLB). In order to comply, you need solutions for auditing and documenting compliance with these regulations.

Minimally, there are three steps to ensure compliance: assess risk of current network situation, manage and control risk using vulnerability assessment and management tools, document to prove that the proper security measures are being completed on a regular, ongoing basis.

Assessing Risk

To consistently remain compliant, organizations need tracking and reporting capabilities that save time by automatically revealing any irregularities. Scanning Web applications, databases, operating systems and network devices during a single scan, NeXpose optimizes performance and uniquely provides risk assessment based upon how the vulnerability in one system affects another.

Manage and Control Risk

Severe exposures need immediate attention with the accompanying documentation to ensure that the organization has taken the appropriate measures to fix the issue. NeXpose assists IT managers with the delegation and prioritization tasks by assigning each asset discovered during an audit a risk score. The risk score takes into account many factors that weight the relative risk of one vulnerability against another.

Review and Document

NeXpose provides extensive reporting and trend analysis so that your security compliance team can prove that the proper security measures are being completed on a regular, ongoing basis. Proper documentation of the steps taken to ensure compliance is a key factor in policy setting.

Want to lower your risk of exposure? Request your 20 day evaluation today.

Copyright © 2001 - 2008, Rapid7, LLC. All Rights Reserved.

• Home
• |
• Nexpose
• |
• Solutions
• |
• Services
• |
• Support
• |
• Security Center
• |
• Company
• |
• Contact