Rapid7’s NeXpose Release Protects Digital Assets

An enterprise vulnerability assessment and risk management software solution, NeXpose version 4.0 provides increased flexibility and streamlines the process for evaluating risk and eliminating exposures

Boston -- December 14, 2004 -- Rapid7 announces a significant new release of NeXpose, the company’s enterprise vulnerability assessment and risk management software. NeXpose Version 4.0 offers capabilities and flexibility to ensure companies experience a minimal vulnerability window.

Featuring a new central Web interface, NeXpose provides horizontal and vertical views of operational risk, the highest degree of accuracy with no false positives, remediation workflow management, and widespread coverage of the operating system, databases, the Web, applications, adware/spyware, and worms. NeXpose enables multiple users -- IT and security staff, network security managers, and systems administrators -- to access the system and perform risk analysis and remediation concurrently. As a result, NeXpose minimizes the time spent locating and eliminating an organization's security vulnerabilities, thereby increasing network reliability, enhancing organizational efficiencies, and improving resource management.

Unique to NeXpose is its rules-based artificial intelligence engine, which provides the ability to demonstrate cause and effect, leverage results, analyze false positives, and provide definitive proof of vulnerabilities. Risk multipliers are easily identified and over 2500 vulnerabilities are tested, effecting zero-day protection.

Reporting, management, and analysis of devices are made easier, as NeXpose enables the creation of arbitrary collections of devices known as asset groups. For compliance with recently established regulatory policies such as Sarbanes-Oxley or HIPAA, NeXpose provides tracking and reporting capabilities that save time by automatically revealing any irregularities.

“We enjoy a certain piece of mind knowing that NeXpose is ‘watching over’ our network,” states Craig Johnston, manager of network security for New York law firm, Cleary, Gottlieb, Steen and Hamilton. “NeXpose allows us to constantly set up attacks to our servers to ensure no vulnerabilities exist. This capability is invaluable as we can always know with certainty that our systems are safe. NeXpose is also very easy to use and understand as it offers beginner and advanced navigation when setting up attacks.”

“With the rising incidence of worms and the increased potential for hackers to gain unauthorized access and steal sensitive business data, organizations need a solution that significantly reduces their security risks and confidently protects their valuable digital assets,” states Alan Matthews, president of Rapid7. “NeXpose Version 4.0 provides a more robust, expansive, and enterprise-level product that performs at all levels to deliver efficiency, reliability and the highest level of security.”

The most significant features in NeXpose 4.0 and their benefits are:

  • Highest degree of accuracy: Reduces support times, thereby decreasing cost of ownership.

  • Distributed and layered architecture: Simultaneously provides a complete overview of the entire system from a risk management perspective and a close-up view for systems administrators to see specific vulnerabilities on the device they’re repairing.

  • Built-in, automated ticketing: Tracks the workflow associated with remediation through its completion.

  • Asset groups: Groups devices/machines from anywhere in the enterprise for simplified management reporting and analysis.

  • Central Web console: Consolidates all NeXpose activity and displays all vulnerabilities, remediation tickets, devices, and risks from across the entire enterprise network.

Other features in NeXpose 4.0 include extensive reporting, auto update, risk analysis, real-time alerting, and regulatory compliance.

System Requirements

NeXpose 4.0 is a browser-based, server-side solution operating on Windows and Linux systems.

About Rapid7

Rapid7 was founded in 1998 by a team of software industry veterans who were major contributors to product development and subsequent growth and success at Percussion Software, Bond Technologies and Stride & Associates. Rapid7 launched NeXpose, its vulnerability assessment and risk management software, in 2001. For more information on the company and its product, NeXpose, visit http://www.rapid7.com.