Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, announced the release of Nexpose 6.0 featuring Adaptive Security, a new capability that will help organisations respond more effectively to evolving security risks. The enhanced solution for Threat Exposure Management delivers prioritised insight into changes on your network and the impact of newly discovered vulnerabilities, quickly identifying critical threats with guidance for fast remediation.
Adaptive Security dynamically collects and analyses security data, providing attack surface visibility with risk assessment. By focusing on important network changes, Adaptive Security helps IT security professionals better identify and understand their risk, and take action when necessary. Adaptive Security automatically identifies and assesses vulnerabilities and exposures when new assets join the network and when assets rejoin the network. Additionally, Adaptive Security will quickly analyse your security data to provide visibility into and show the potential impact of newly identified vulnerabilities.
Adaptive Security delivers the benefits of continuous monitoring without the noise of unfiltered alerts or the network performance tax of continuous scanning. Further, Adaptive Security automated actions are simple for customers to create because they require no coding and are flexible, so they can better meet specific user needs.
“Security teams are struggling to stay ahead of changes in their environments and the threat landscape while managing the noise that comes with traditional, continuous monitoring solutions. Adaptive Security cuts through the clutter and puts control back into the hands of IT security professionals,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “This level of ongoing awareness and visibility means that significant risks are quickly evaluated and teams are empowered to take action when necessary.”
Nexpose 6.0 also extends IT security teams’ ability to assess their attack surface by integrating data from Project Sonar – a research project from Rapid7 Labs that scans the internet every week for any external facing IP addresses associated with a given domain. The Sonar integration allows teams to discover internet accessible assets they may not have been aware of otherwise.
Better Understand the Risk Exposure from New Vulnerabilities
In 2014, three major vulnerabilities, Heartbleed, Shellshock, and Poodle, left organisations of all sizes and stages of security maturity open to attacks from cyber criminals. Adaptive Security automatically scans for critical threats, like those mentioned above, and measures risk exposure against emerging vulnerabilities, providing context and prioritisation with Nexpose RealRisk and RealContext.
“Nexpose Adaptive Security allows me to understand my organisation’s exposure to threats, including newly discovered vulnerabilities, without having to initiate an assessment,” said Billy Lewis, director of information technology at State Garden. “As soon as a new vulnerability is discovered, I have a report detailing my risk – that’s very powerful.”
The New Nexpose Experience
With a newly streamlined navigation and an easy-to-use interface, Nexpose can improve security professionals’ productivity by extending security team resources. Easy navigation, built-in automation, and the ability to tune Nexpose to your IT environment mean security staff spends less time in the technology and more time acting on the recommendations and making an impact. The improved user experience for Nexpose is part of an ongoing commitment from Rapid7 to make security software easy to use and learn, helping lean teams achieve greater productivity.
About Rapid7 Nexpose
Rapid7 Nexpose is a Threat Exposure Management solution that dynamically collects data and analyses risk across vulnerabilities, configurations, and controls, from the endpoint to the cloud. Nexpose is engineered to enable IT security teams to identify, assess and respond to critical change as it happens with Adaptive Security. Users can more efficiently manage risk found in operating systems, third-party software, Web applications, browsers and databases all in one solution with over 68,000 vulnerabilities and 163,000 vulnerability checks. The unique integration with Rapid7’s Metasploit, RealRisk score, and contextual business intelligence make Nexpose a Threat Exposure Management solution that prioritises remediation and helps reduce risk. Its user interface, and smart analytics—such as the Top 25 Remediation report and custom reporting—allow security teams to communicate risk and remediation more effectively. Nexpose could be used to improve a company’s overall risk posture to better comply with regulations, including security requirements for PCI, CIS, HIPAA, HITECH Act, FISMA (including SCAP Compliance), Sarbanes-Oxley (SOX), and NERC CIP. Nexpose, as a core component of Rapid7’s Security Data and Analytics platform, promotes an active, analytics-driven approach to cyber security.
About Rapid7
Rapid7 is a leading provider of security data and analytics solutions that enable organisations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviours and techniques to make sense of the wealth of data available to organisations about their IT environments and users. Our solutions empower organisations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 4,150 organisations across 90 countries, including 34% of the Fortune 1000.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.