The Advanced Policy Engine

Last updated at Tue, 25 Jul 2017 19:23:01 GMT

The Advanced Policy Engine is the new configuration compliance framework that was created for the Nexpose 5.0 release.

Advanced? What makes it advanced?

Anyone can call anything "Advanced" these days. A lot of times it is hard to tell if it is just marketing or a real improvement. Look at all of the cleaning ads on television right now.

"Cleaner X cleans 30% then the our previous cleaner using our new Advanced formula!!!"

Is it really improved? How did they measure the improvement? Is it always 30% better in all cases? Who knows? The point is that sometimes it is hard to tell if there is an improvement or if the emperor is wearing new clothes.

So what is improved in the Policy Engine that makes it Advanced? Firstly, and most importantly, the Advanced Policy Engine is fully integrated into the Nexpose scanning framework. You, as a user of Nexpose, are able to scan for policies as part of the present scan framework today. Therefore, in one scan of your network, you are able to scan for vulnerabilities, web based defects using the web spider and test for compliance with any number of policies that you choose. Essentially, it is as easy as opening up a scan template (or creating a new one), checking the boxes of the policies that you would like to scan for, and then running the scan in your environment. If you already have a scan template defined that you would like to keep, just modify that already created scan template and let Nexpose do the rest when the scan is scheduled to run.

So, you are thinking that is nice and all, but that does not mean anything to me if the reporting of information is not consoliated in one location. It is very convenient that you do not have to run multiple scans to get your compliance and vulnerability information, but it is an artificial improvement if reporting information about vulnerabilities and policies are separated when all you want to see is a consolidated risk report. Have no fear. We at Rapid7 can understand the frustration with using two different user interfaces to get the risk information you want. Therefore, we present the user with all risk information that interests you about an asset that they are interested in on one screen. You, the user, can see all the vulnerabilities that affect your asset, the web based vulnerabilities found in your purchased or custom web applications and the list of installed applications on your asset all in one location. However, wait! That's not all!!! With the introduction of the Advanced Policy Engine in Nexpose 5.0, we now also show you the level of compliance for all the policies that you have run in that scan. Not satisfied with the high level asset view? The Advanced Policy Engine allows you to drill down to a low level view on a per-rule basis which will help explain why a policy passed or failed in your environment. This allows you to follow remeditation steps to fix your compliance issues where applicable.

There are lots of imitators who say they have an integrated risk management solution. However, with the development of the Advanced Policy Engine, Nexpose redefines what an integrated risk management solution really is.