NeXpose 5.0 vulnerability management solution Released by Rapid7
Nexpose proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. This gives organizations immediate insight into the security posture of their IT environment by conducting over 65,000 vulnerability checks for more than 16,000 vulnerabilities. The solution leverages one of the largest vulnerabilities databases to identify vulnerabilities across networks, operating systems, databases, Web applications and virtual assets. Risk is classified based on real exploit intelligence combined with industry standard metrics such as CVSS, as well as temporal and weighted risk scoring. Nexpose provides a detailed, sequenced remediation roadmap with time estimates for each task. Nexpose is used to help organizations improve their overall risk posture and security readiness as well as to comply with mandatory regulations, including security requirements for PCI, HIPAA, ARRA HITECH ACT, FISMA (including SCAP Compliance), Sarbanes-Oxley (SOX) and NERC CIP. Nexpose 5.0, will address the complex security challenges presented by the wide scale adoption of virtualization technologies and the rapid increase of malware. For the first time, organizations will be able to ensure that their virtual environments do not represent potential hidden security threats.
Nexpose proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. This gives organizations immediate insight into the security posture of their IT environment by conducting over 65,000 vulnerability checks for more than 16,000 vulnerabilities. The solution leverages one of the largest vulnerabilities databases to identify vulnerabilities across networks, operating systems, databases, Web applications and virtual assets. Risk is classified based on real exploit intelligence combined with industry standard metrics such as CVSS, as well as temporal and weighted risk scoring. Nexpose provides a detailed, sequenced remediation roadmap with time estimates for each task. Nexpose is used to help organizations improve their overall risk posture and security readiness as well as to comply with mandatory regulations, including security requirements for PCI, HIPAA, ARRA HITECH ACT, FISMA (including SCAP Compliance), Sarbanes-Oxley (SOX) and NERC CIP. Nexpose 5.0, will address the complex security challenges presented by the wide scale adoption of virtualization technologies and the rapid increase of malware. For the first time, organizations will be able to ensure that their virtual environments do not represent potential hidden security threats.
Nexpose 5.0 will augment this intelligence with the introduction of its patent-pending Real Risk™ technology that leverages Rapid7' Malware Exposure, identifying which vulnerabilities are currently exploited by malware, and making the risk scores used for prioritized remediation even more meaningful and contextual to security teams.
Rapid7 is proactively addressing this emerging threat with Nexpose 5.0: the first vulnerability management solution to offer organizations patent-pending vScan technology, which enables continuous discovery of virtual machines in their dynamic environments, ensuring they are included in scanning, prioritzation and remediation efforts. Virtualization management metadata is used to discover and track assets in their virtualized infrastructure, giving defenders an up-to-date and accurate view of real risk across their entire physical and virtualized infrastructures. Changes to the status of virtual machines are updated automatically as they are migrated to new hosts or switched on and off. Once discovered, these assets can be classified by the specific factors that are important to security and operational professionals and Nexpose will dynamically update users if any of those key factors change in the assets so they can be appropriately re-classified. These capabilities for virtualization management will initially be available for VMware vCenter™ Server.
Read More here