Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, today announced Rapid7 Nexpose Now, a major enhancement to its vulnerability management solution that gives customers access to live risk and exposure updates as IT environments change. Nexpose Now is designed to combine the power of advanced exposure analytics, dynamic data collection, and remediation workflows for live exposure monitoring so customers can act the moment risk is impacted. Today’s Nexpose news marks a watershed moment for IT security professionals who have called for live vulnerability data without the toil of passive scanning.
Modern networks face constant change, making it difficult for security professionals to understand the level of risk their organization is exposed to at any given moment. This reality is underscored by the 2016 Verizon Data Breach Investigations Report, which found that most security professionals struggle to keep pace with vulnerabilities discovered in their environment. This is exacerbated by a lack of visibility into new assets joining the network; security professionals need to ensure these assets are protected as they connect. Nexpose users will now be able to see vulnerabilities at the moment of impact; prioritize actions based on the risk to their business; have the ability to work directly with IT for remediation; and track progress.
“This is security – nothing waits and change is constant. Whether you’re talking about the IT environment or the threats organizations face, the ability to respond the moment something changes is what matters. Passive scanning solutions are insufficient when it comes to catching an emerging risk. Anytime a vulnerability management solution isn’t actively assessing exposures and adapting to new threats, there’s a window of opportunity for an attacker,” said Lee Weiner, chief product officer at Rapid7. “We know that change is where threats hide. Threats don’t wait for a scheduled or passive scan to notice them before doing damage.”
Through its automated data collection and assessment, Nexpose eliminates the time wasted between scheduled scans and manual data collection processes. Rather than waiting for a trigger event, Nexpose actively gathers and monitors exposure data from the endpoint to the cloud using agentless and agent-based techniques to alert security teams the moment a change in risk occurs. Nexpose also helps to improve communication issues associated with workflow integrations between people and technology by dynamically prioritizing what must be done to reduce risk as the environment changes.
“Passive vulnerability scanning forces me to act based on old information -- stale alerts and static reports -- effectively giving malicious actors a head start on my network. Nexpose gives me live vulnerability data that updates the second my environment changes,” said a security analyst at a provider of mobile and online messaging with more than 1,000 employees worldwide. “As a member of the Beta program, watching the feedback I’ve shared built into the product has been empowering. Rapid7 is also helping me prioritize actions based on the risk to my organization. This helps clarify communication with IT, track workflow, and share progress with our leadership team.”
Rapid7 Nexpose Now gives users:
Today, Nexpose Live Monitoring, Liveboards, and Exposure Analytics will be made generally available to Nexpose Enterprise customers in English. Nexpose Remediation Analytics will also be made available in Beta to Nexpose Enterprise customers in English today. These enhancements to Nexpose will be made available in additional languages over time. For more information about Rapid7 Nexpose, visit Rapid7’s stand D40 at Infosecurity Europe or see https://www.rapid7.com/nexpose/now
Rapid7 Threat Exposure Management Portfolio
Nexpose is part of Rapid7’s Threat Exposure Management (TEM) offering, designed to find and fix vulnerabilities, misconfigurations, and exposures found in organizations’ networks, applications, people, and processes. By combining vulnerability management, application security, and penetration testing solutions, Rapid7’s TEM suite is designed to help organizations systematically reduce exposure in a matter of hours or even minutes, versus days or sometimes months.
Rapid7 offers the following as part of its TEM portfolio:
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 5,100 organizations across 99 countries, including 37% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.
This press release includes forward-looking statements. All statements contained in this press release other than statements of historical facts, including, without limitation, statements relating to the Company’s growth strategy, delivering long-term value and the company’s future market opportunities, are forward-looking statements. The words “anticipate,” believe,” “continue,” “estimate,” “expect,” “intend,” “may,” “will” and similar expressions are intended to identify forward-looking statements. We have based these forward-looking statements largely on our current expectations and projections about future events and financial trends that we believe may affect our financial condition, results of operations, business strategy, short-term and long-term business operations and objectives and financial needs. These forward-looking statements are subject to a number of risks and uncertainties, including, without limitation, risks related to our rapid growth and ability to sustain our revenue growth rate, the ability of our products and professional services to correctly detect vulnerabilities, competition in the markets in which we operate, market growth, our ability to innovate and manage our growth, our ability to integrate acquired operations, our ability to operate in compliance with applicable laws as well as other risks and uncertainties set forth in the “Risk Factors” section of our Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission for the quarterly period ended March 31, 2016 filed with the Securities and Exchange Commission on May 12, 2016, and subsequent reports that we file with the Securities and Exchange Commission. Moreover, we operate in a very competitive and rapidly changing environment. New risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties and assumptions, we cannot guarantee future results, levels of activity, performance, achievements or events and circumstances reflected in the forward-looking statements will occur. We are under no duty to update any of these forward-looking statements after the date of this press release to conform these statements to actual results or revised expectations, except as required by law. You should, therefore, not rely on these forward-looking statements as representing our views as of any date subsequent to the date of this press release.