Rapid7 acquires NT OBJECTives, offers web app scanning

Rapid7 has acquired NT OBJECTives (NTO), expanding Rapid7’s Threat Exposure Management offering to further meet the needs of business infrastructures.

NTO’s application security testing solution analyzes web applications for security vulnerabilities. Rapid7 is offering this technology under the name Rapid7 AppSpider.

“To truly manage and reduce threats, organizations require solutions that collect and analyze data across modern business infrastructure, including users, mobile assets, cloud data stores, and web applications,” said Corey Thomas, president and CEO at Rapid7.

The Rapid7 AppSpider suite includes all the capabilities previously offered by NTO with comprehensive dynamic application security testing and scalable enterprise scanning program management, delivered as software or in the cloud.

Universal translator: The solution’s unique “Universal Translator” technology enables security teams to analyze even the most complex applications, including rich Internet applications (AJAX, GWT) and web services (REST, JSON), to provide greater visibility of risks.

Customized attacks: The dynamic analysis tool conducts a thorough analysis and interprets what the application is expecting so it can create intelligent, customized attacks. This delivers more accurate results and enables teams to automatically test complex business workflows, like shopping carts, which were previously untestable.

Scanning automation: Security teams can save time and resources since nearly every step of the application security assessment process has been automated.

Live vulnerability reports and attack replay: Some other solutions provide reams of cumbersome, static, PDF reports. AppSpider provides interactive actionable reports with greater organization and links for deeper analysis. Within reports, users can replay vulnerabilities in real-time to confirm vulnerabilities are exploitable and then remediated.

Continuous site monitoring: AppSpider identifies changes in application ecosystems, which may inadvertently introduce new vulnerabilities. It then triggers a re-scan according to configurable settings.

Integration with protection technologies: AppSpider will automatically generate Web Application Firewall (WAF) custom rules that help to protect vulnerable applications while the vulnerabilities are being remediated. AppSpider supports most leading WAF/IPFs, including F5, Sourcefire, and Imperva.




Share this