Rapid7 Nexpose Now Offers Live Exposure Management, Gives Customers the Power to Act at the Moment of Impact
Modern networks face constant change, making it difficult for security professionals to understand the level of risk their organization is exposed to at any given moment. This reality is underscored by the 2016 Verizon Data Breach Investigations Report, which found that most security professionals struggle to keep pace with vulnerabilities discovered in their environment. This is exacerbated by a lack of visibility into new assets joining the network; security professionals need to ensure these assets are protected as they connect. Nexpose users will now be able to see vulnerabilities at the moment of impact; prioritize actions based on the risk to their business; have the ability to work directly with IT for remediation; and track progress.
“This is security – nothing waits and change is constant. Whether you’re talking about the IT environment or the threats organizations face, the ability to respond the moment something changes is what matters. Passive scanning solutions are insufficient when it comes to catching an emerging risk. Anytime a vulnerability management solution isn’t actively assessing exposures and adapting to new threats, there’s a window of opportunity for an attacker,” said
Through its automated data collection and assessment, Nexpose eliminates the time wasted between scheduled scans and manual data collection processes. Rather than waiting for a trigger event, Nexpose actively gathers and monitors exposure data from the endpoint to the cloud using agentless and agent-based techniques to alert security teams the moment a change in risk occurs. Nexpose also helps to improve communication issues associated with workflow integrations between people and technology by dynamically prioritizing what must be done to reduce risk as the environment changes.
“Passive vulnerability scanning forces me to act based on old information -- stale alerts and static reports -- effectively giving malicious actors a head start on my network. Nexpose gives me live vulnerability data that updates the second my environment changes,” said a security analyst at a provider of mobile and online messaging with more than 1,000 employees worldwide. “As a member of the Beta program, watching the feedback I’ve shared built into the product has been empowering.
Rapid7 Nexpose Now gives users:
Live Monitoring of Vulnerabilities Using Fresh Data
Nexpose provides live monitoring of exposures and removes data drudgery by collecting from, and working with, existing data sources. Nexpose takes the data it collects and leverages the Rapid7 Insight Platform -- the engine behind Rapid7’s secure, cloud-based data analytics solutions – for its new live exposure management capability. Nexpose automatically translates decades of
These new live monitoring enhancements to Nexpose are the natural evolution of Adaptive Security, which focuses on network changes and cuts down on the noise of unfiltered alerts typical of passive scanning.
Liveboards – Not Static Dashboards – From What’s New Through Remediation Status
Nexpose is automated to ask critical and relevant questions of the live data it collects in order to deliver insight, including recommendations designed to reduce risk in the context of organizations’ changing environments. Nexpose Liveboards are built for users to take action and reflect the current state of exposure. In contrast, traditional passive scanning solutions build static dashboards that may not provide meaningful or actionable information and are outdated the moment they publish.
Nexpose Liveboards are also preconfigured to showcase remediation progress and its impact on the vulnerability management program. Security professionals are given the ability to depict how they are safeguarding business data, employees, and customers with Liveboards that translate security data into the language of IT professionals and executives.
Live Remediation Workflow to Effectively Integrate People and Technology
Nexpose remediation workflow is designed to help direct and manage team resources so that customers can focus on what will have the greatest impact to reduce risk within their organization. Nexpose also integrates directly with existing workflow and patch management solutions, such as
Today, Nexpose Live Monitoring, Liveboards, and Exposure Analytics will be made generally available to Nexpose Enterprise customers in English. Nexpose Remediation Analytics will also be made available in Beta to Nexpose Enterprise customers in English today. These enhancements to Nexpose will be made available in additional languages over time. For more information about Rapid7 Nexpose, visit Rapid7’s stand D40 at Infosecurity Europe or see https://www.rapid7.com/nexpose/now
Rapid7 Threat Exposure Management Portfolio
Nexpose is part of Rapid7’s Threat Exposure Management (TEM) offering, designed to find and fix vulnerabilities, misconfigurations, and exposures found in organizations’ networks, applications, people, and processes. By combining vulnerability management, application security, and penetration testing solutions, Rapid7’s TEM suite is designed to help organizations systematically reduce exposure in a matter of hours or even minutes, versus days or sometimes months.
- Nexpose: collects data, analyzes risk from the endpoint to the cloud, and enables IT security teams to identify, assess, and respond to critical changes in their environments as they happen. It also provides complete threat exposure management by testing security controls, and prioritizing and driving risk reduction.
- Metasploit: provides risk assessment through the controlled simulation of a real attack. It increases penetration testers' productivity; prioritizes and demonstrates risk through closed-loop vulnerability validation; and measures security awareness through simulated phishing emails.
- AppSpider: dynamically assesses custom web, mobile, and cloud applications for vulnerabilities across all modern technologies; provides tools that speed remediation; and monitors applications for changes.
- Managed Services: enable organizations to leverage Rapid7’s TEM offerings and security expertise by outsourcing implementation and day-to-day operations to
Rapid7skilled staff as a managed service.
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 5,300 organizations across over 100 countries, including 36% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.
Cautionary Language Concerning Forward-Looking Statements
This press release includes forward-looking statements. All statements contained in this press release other than statements of historical facts, including, without limitation, statements regarding our expectations, beliefs, features, benefits, and general availability of enhanced offerings, technology integrations, and future offerings, as well as statements regarding plans and strategies for future operations, are forward-looking statements. The words “anticipate,” “believe,” “continue,” “estimate,” “expect,” “intend,” “may,” “will” and similar expressions are intended to identify forward-looking statements. We have based these forward-looking statements largely on our current expectations and projections about future events and financial trends that we believe may affect our financial condition, results of operations, business strategy, short-term and long-term business operations and objectives and financial needs. These forward-looking statements are subject to a number of risks and uncertainties, including, without limitation, risks related to our rapid growth and ability to sustain our revenue growth rate, the ability of our products and professional services to correctly detect vulnerabilities, competition in the markets in which we operate, market growth, our ability to innovate and manage our growth, our ability to integrate acquired operations, our ability to operate in compliance with applicable laws as well as other risks and uncertainties set forth in the “Risk Factors” section of our Quarterly Report on Form 10-Q filed with the
Rachel E. AdamSenior PR Manager 857-415-4443 firstname.lastname@example.org