Rapid7, a leading provider of IT security risk management software, today announced that the new capabilities of its vulnerability management solution, Nexpose, further simplify the complex challenge of IT security risk management. Nexpose 5.5 introduces new capabilities for configuration assessment and enhanced reporting to make it easier for security professionals to see and understand the risk associated with their IT assets, users, and the threats relevant to their organization. Additionally, the new version introduces the option to deploy Nexpose as a virtual appliance, extending Rapid7’s commitment to supporting virtual environments, as well as delivering ease-of-use and deployment flexibility for customers.
“Security professionals face a vast and complex challenge, and they need visibility into their organization’s risk exposure to help them make productive decisions to improve their position,” said Richard Perkett, vice president of Engineering, Rapid7. “The new capabilities in Nexpose streamline this process. Security professionals can get a full picture of risk across their IT assets, encompassing vulnerabilities and configuration issues, and presented in easy-to-use customizable reports. This enables better decision-making and increases the credibility of the security team across the organization.”
“As organizations go forward in an ever more dangerous IT environment, it is imperative that they have knowledge of the threats, vulnerabilities, and overall risk to their environment. Vulnerability assessment is a critical step in this and not only improves an organization’s overall security, but can reduce costs and make a company more competitive,” said Charles Kolodgy, vice president of research for Secure Products at IDC. “Capabilities such as integrated configuration assessment and enhanced reporting make security smarter and helps prioritize action and investment.”
The new enhancements to Nexpose 5.5 include:
Configuration Assessment
Organizations need to ensure they are complying with various policy standards, whether they are internal best practice standards, or from external regulatory bodies such as the National Institute of Standards and Technology (NIST). A part of this is ensuring their IT assets are configured in the right way. Traditionally, policy and compliance evaluation are done separately from vulnerability assessments, decreasing productivity for organizations that have to go through similar processes more than once. Version 5.5 extends Nexpose’s existing integrated configuration assessment capabilities by adding CIS Benchmarks, enabling security professionals to benefit from the increased efficiency of unified discovery, scanning, reporting and management.
Enhanced Reporting
Identifying areas of potential risk is crucial, and it is equally vital that the information around risk is presented in a way that is easy to understand and actionable, so the organization can move forward and act to minimize risk. This has traditionally resulted in security professionals spending a large amount of time on reporting, frequently without the real desired outcome of identifying whether the organization’s security posture is improving. Nexpose 5.5 addresses this, providing a simplified reporting workflow that enables users to create customized reports that put the information they need in their hands. Users can also benefit from pre-made templates out-of-the-box, as well as community-driven reports distributed through Rapid7’s community site.
Deployment as a Virtual Appliance
Rapid7 is committed to providing flexibility so customers can deploy Nexpose in whatever means best suits their environment and needs. The solution is already available on a physical appliance, a hosted SaaS solution, or as downloaded software. With the release of the latest version, users will also be able to deploy it as a virtual appliance later this month. This enables security professionals to quickly and easily deploy Nexpose in their virtual environment.
Pricing and Availability
Nexpose 5.5 is available immediately from www.rapid7.com.
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.