Rapid7 released Nexpose Ultimate, a vulnerability management solution that combines assessment of vulnerabilities and controls, vulnerability validation, and prioritized remediation planning in a single solution.
Looking at vulnerabilities and controls in isolation creates holes which attackers can exploit. Vulnerability validation solves this problem by testing whether vulnerabilities in your network could be exploited by an attacker. A lack of vulnerability validation, along with long reports showing numerous “high” priority issues, leads to a lack of confidence and leaves IT organizations unable to act on security issues.
Nexpose Ultimate addresses both of these challenges by assessing vulnerabilities and controls together, and by providing IT operations with validated, simple, and clear remediation reports, specific to their area of responsibility. This enables them to act on the highest priority issues.
By gathering vulnerability, compliance, and controls information in a single scan, Rapid7 Nexpose Ultimate enables IT security teams to determine their exposure across their physical and virtual networks, mobile devices, and Amazon Web Services cloud while understanding the risk associated with each asset. This single scan methodology enables organizations to gain critical insight into their risk while imposing the smallest possible burden on the network.
The insight into risk goes beyond looking at the vulnerabilities in browsers, operating systems, Flash, Java and other third-party software to common weaknesses in controls such as weak password policies, out-of-date anti-virus solutions, or desktop applications installed on servers.
A key criterion of a successful security program is the operational execution of remediating vulnerabilities and implementing controls, which is challenging for many security teams due to complexity and scale. The key to getting operating teams to act on security issues is prioritization, clarity on action needed, and credibility of information.
In addition to vulnerability validation, Nexpose prioritizes controls and vulnerabilities according to three advanced algorithms developed by Rapid7:
- The RealRisk algorithm weighs not only the CVSS score but also common factors such as malware and exploit exposure and temporal risk metrics.
- RealContext deepens prioritization by ensuring organizations focus on the most critical assets.
- An intelligent threat model helps organizations understand the effectiveness of the controls they have in place and identifies the next controls they should implement or improve to secure their overall enterprise.