Security Configuration Assessment

Single-scan configuration and vulnerability assessment capabilities document compliance for internal and external auditors while shoring up your IT defenses

With the increasing sophistication and persistence of cyber threats today, misconfigurations can pose as great a risk to an organization's defense as non-patched or non-mitigated vulnerabilities. In order to provide a consistent and unified defense of your IT infrastructure, we recommend that you view your security risk holistically, regardless of the source of the risk.

Nexpose helps you efficiently identify misconfigurations and vulnerabilities so you can meet security policies, laws and regulations by providing:

• Single-Scan Capabilities: Nexpose simultaneously scans for vulnerabilities and configuration issues. This single-scan capability ensures that security configuration assessment becomes a natural byproduct of day-to-day vulnerability management, saving you time and money as you shore up your company's defenses.
• Broad Security Configuration Assessment Coverage: Nexpose supports policies for the United States Government Configuration Baseline (USGCB) for Windows 7 assets, Windows 7 Firewall, and Internet Explorer 8, as well as those policies as defined in Federal Desktop Core Configuration (FDCC) for Windows XP, Windows Vista, Internet Explorer 7, Windows XP Firewall and Windows Vista Firewall. Additionally, it can validate security configuration compliance against a broad range of systems including Windows, IBM AS/400, Oracle, Lotus Notes/Domino and Unix. For Windows policies, standard Microsoft security template files (.inf) can be imported into Nexpose. For other systems, XML-based configuration policies can be defined.
• Extensibility and an Advanced Policy Engine: Nexpose's Advanced Policy Engine has been built from the ground up to natively support industry standard XCCDF and OVAL content, enabling users to use existing content libraries and processes to extend Nexpose. All policy templates, including the FDCC and USGCB templates in Nexpose can be fully customized and new templates can be created or imported. Nexpose will integrate with external configuration and patch management systems via vendor drop down or Nexpose open API.
• Detailed Compliance Reporting at your fingertips: The Policies tab in Nexpose provides real-time compliance statistics at the policy and rule level to quickly gauge compliance across your organization. For more detailed reports, use the Policy Evaluation report, or include Policy Evaluation report section in custom reports.

For more information about Nexpose Enterprise Edition, please click here.