Nexpose 5.6 - The Powerful New Features for Your Vulnerability Management Programs

April 24, 2013

In today's Whiteboard Wednesday, Nate Crampton will talk about the latest features in the newest Nexpose 5.6 release that will take your vulnerability management programs to the next level.

Learn more about our top remediation reports, which focus on the most crucial vulnerabilities in your environment so you can eliminate the most risk with the least effort. Also learn about our new Red Hat Enterprise Linux (RHEL) CIS benchmarks for configuration assessment. Now you can scan for both vulnerabilities and configurations together in a single scan, rather than running two separate scans as most other vulnerability management solutions require.

Overall, this new release is all about boosting your vulnerability management program to the next level, giving you better visibility into the biggest risks in your environment, and making your security and IT teams much more efficient when it comes to managing vulnerabilities.

Video Transcript

Hi, my name is Nate Crampton. I'm a Product Marketing Manager here at Rapid7, and I'd like to talk to you about the Nexpose 5.6 release. This release will really help you increase the value of your vulnerability management program. We see that organizations typically struggle. They struggle from taking the program from one step to the next step. So, what we've done is we've created a new top remediation report that can be customized to your organization's need. Basically, what the report does, it tells you the top remediation steps that you need to do that give you the biggest impact with the least amount of effort. Also, it only gives the IT team the things that they care about. And it also speaks in a language that they care about.


So, let's go through a typical scenario. A security administrator will scan for vulnerabilities. He'll have thousands of vulnerabilities, and he'll create a report, a thousand-page report. He then gives it to the IT person and the IT person says, "Great. This is going to take me months to get through this whole thing." So, he's like, "I'm not even looking at it." So, then the security guy has to go through the report, strip out all the things he doesn't care about. He doesn't care about the CVE numbers. He doesn't care about all the references. The IT person just cares about what he needs to do. And then what happens is the security administrator needs to figure out, "OK, now that I'm going to have him work on these remediation steps, let me actually consolidate all the steps to figure out what are the biggest things that he needs to do to reduce the most amount of risk?"

So, you can see there's a lot of work that is done from a security administrator's standpoint. Well, what this new report does is it actually automates it. So, you can create a report, top 10, top 20, top 5. You can see the number, you can customize it, and you can see the number of the remediation steps and how much risk it'll reduce in your organization. For example, you could say the top 10 things could reduce 80% of the risk to your organization. Well, wouldn't it be great for the security guy to actually have that conversation with the IT person, to say, "Hey, these steps will reduce the most amount of risk. What can we do to actually do this to help me get my program from one step to the next step?"

The second thing that we had in this release that we're really excited about is now we have new certified CIS benchmarks for Red Hat Enterprise Linux. Basically, CIS stands for the Center for Internet Security. So, it's an organization, not-for-profit, and they have, basically, created policies or benchmarks that ensure that your systems are secure. So, typically what will happen is the IT administrator will, basically, build a system. He'll enable all the applications, all the services, because he, basically, has a lot of other things that he cares about. He wants to get it off his plate. He's on call 24/7. He has to fix the CEO's laptop. He's very reactive. So, when he's creating these new systems, he's creating them quickly. He just, basically, wants to move on. What happens is those systems aren't secure.

So, what you'd, basically, use the CIS benchmarks for is before you take that system and you move it into production, you want to make sure that's configured correctly. And also, you just can't do it the first time. Every time after, basically, like every couple weeks, couple months, whatever frequency you want, you need to check to make sure that those configurations are secure because they can change over time. Either an IT person can go in there and he can change it, or maybe there's some malicious code that changes those settings. So, you really need to ensure that things are secure by constantly checking it.

And we've also found that in some organizations, it's great that CIS has these benchmarks for Red Hat Enterprise Linux, but, say, your organization doesn't agree with everything that they have. Well, we have an easy-to-use web-based editor that allows you to take that policy and customize it to meet your organization's need. We also see that companies typically struggle when they do vulnerability scans and they do configuration assessment scans separately. What happens if you do it separately is you have to manage the whole process, and also it's additional network bandwidth that's utilized because you're doing two different scans. So, what's unique about our product is you actually have a single scan that you can check for both vulnerabilities and configurations at the same time and, basically, manage that whole process.

So, as you can see, these two new features really help you increase the value of vulnerability management to your organization. If you'd like a free trial, please come to our website. Otherwise, thank you and we'll see you next week.
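The consolidation Nate describes for the top remediation report (group thousands of findings by the fix that resolves them, sum the risk each fix removes, and rank so the top N or the "80% of risk" cut-off is visible) can be illustrated with a small script. This is an added example, not Nexpose code; the findings, vulnerability ids and risk scores are constructed, and the field layout is an assumption.

```python
"""Added example (not Rapid7/Nexpose code): rank remediation steps by the
total risk they remove, the idea behind the top remediation report.
The findings below are constructed sample data, not real scan output."""
from collections import defaultdict

# Constructed findings: (asset, vulnerability id, risk score, remediation step).
# Ids and scores are made up for illustration only.
FINDINGS = [
    ("web-01", "VULN-A", 900.0, "Apply OpenSSL update"),
    ("web-02", "VULN-A", 900.0, "Apply OpenSSL update"),
    ("web-01", "VULN-B", 600.0, "Apply OpenSSL update"),
    ("db-01",  "VULN-C", 800.0, "Upgrade database server"),
    ("db-01",  "VULN-D", 120.0, "Disable telnet service"),
    ("ws-01",  "VULN-E", 300.0, "Patch browser"),
    ("ws-02",  "VULN-E", 300.0, "Patch browser"),
    ("ws-03",  "VULN-F", 80.0,  "Remove unused account"),
]

def consolidate(findings):
    """Group findings by remediation step; sum risk, count assets and vulns."""
    risk, assets, vulns = defaultdict(float), defaultdict(set), defaultdict(set)
    for asset, vuln, score, step in findings:
        risk[step] += score
        assets[step].add(asset)
        vulns[step].add(vuln)
    return [{"step": s, "risk": risk[s], "assets": len(assets[s]),
             "vulns": len(vulns[s])} for s in risk]

def top_remediations(findings, n=None, target_pct=None):
    """Rank steps by risk removed. Return the top n steps, or the shortest
    prefix whose cumulative share of total risk reaches target_pct.
    Each row carries the cumulative percentage for the IT-facing report."""
    rows = sorted(consolidate(findings), key=lambda r: r["risk"], reverse=True)
    total = sum(r["risk"] for r in rows) or 1.0
    out, cum = [], 0.0
    for r in rows:
        cum += r["risk"]
        row = dict(r, cumulative_pct=round(100 * cum / total, 1))
        out.append(row)
        if n is not None and len(out) >= n:
            break
        if target_pct is not None and row["cumulative_pct"] >= target_pct:
            break
    return out

if __name__ == "__main__":
    # Steps needed to remove 80% of the total risk in the sample data.
    for r in top_remediations(FINDINGS, target_pct=80):
        print(f'{r["step"]:<26} risk={r["risk"]:>7.1f} assets={r["assets"]} '
              f'cumulative={r["cumulative_pct"]}%')
```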