2012 Press Releases

PDF Version

Rapid7 and FireMon Combine Security Risk Intelligence Solutions to Deliver Real-World Proactive Risk Analysis and Remediation

Closed-Loop System of Metasploit, Nexpose and Risk Analyzer Reduces Threat Signal-to-Noise Ratio with End-to-End Attack Simulation and Risk Assessment

Boston, MA - February 15th, 2012 - Rapid7 and FireMon today announced the integration of Rapid7's Nexpose and Metasploit solutions with FireMon's Risk Analyzer™ product. This unique integration enables organizations to identify and visualize critical security holes and map them against known threats. These findings are then validated through attack simulation and prioritized remediation actions can be virtually applied. Users can then see the impact of these actions on network risk reduction.

This significantly reduces the threat signal-to-noise ratio, providing a higher confidence level in the data on vulnerabilities that actually present a meaningful threat to customers' specific environments. This allows organizations to prioritize remediation actions to make a real difference to their security posture and maximize Security Operations Center (SOC) operations effectiveness.

"Organizations have long struggled to gain real-world insight into their exposure risk so they can take steps to improve their risk posture. The combination of Nexpose, Metasploit and Risk Analyzer provides precisely this kind of contextual insight, delivering a closed-loop system for identifying, modeling and validating risk specific to their own environments," said Sheldon Malm, head of strategic partners and alliances, Rapid7. "Together with Firemon, we're helping security professionals reduce their operating costs and focus first on the most critical security exposures within their unique environments so they can improve their risk posture more effectively."

As organizations face a variety of attacks from increasingly sophisticated adversaries, it's critical to proactively analyze and measure the risk posture of the IT environment. Nexpose addresses this need by scanning the entire physical and virtual IT environment for vulnerabilities and misconfigurations, mapping the results to known exploits and malware kits, and prioritizing remediation steps based on the results.

Risk Analyzer can now import and leverage data from Nexpose to configure and execute multiple risk scenarios. This threat modeling can be used to assess risk on an ad-hoc and trending basis, for example to identify an attacker's breach path to financial data. The validity of these risk scenarios is further enhanced by executing a penetration test with Metasploit to validate actual exposures and help prioritize remediation steps.

"Risk Analyzer has always excelled at enabling organizations to pinpoint which remediation efforts will reduce the greatest amount of risk with the least amount of effort. Integrating Metasploit and verifying which assets can be compromised by an actual known attack is a game changer in risk analysis and remediation," said Ward Holloway, vice president of business development, FireMon. "Adding this critical data into the prioritized remediation list produced by Risk Analyzer ensures that security organizations focus their stretched resources on actions that will reduce the greatest amount of risk in their specific environment."

For more information visit Rapid7 (www.rapid7.com) and FireMon (www.firemon.com).

About FireMon
FireMon provides enterprises with security management software that gives them deeper visibility and tighter control over their network security infrastructure. The FireMon solution set - Security Manager, Policy Planner, Risk Analyzer and BackBox - enables customers to identify network risk, proactively eliminate vulnerabilities, strengthen security throughout the organization, and reduce the cost of security operations and compliance. Together, they create a highly effective, efficient and consistent solution for managing security operations. For more information, visit www.firemon.com.

About Rapid7

Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, Nexpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 2,000 enterprises and government agencies in more than 65 countries worldwide, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a “Top Place to Work” by the Boston Globe. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.

Awards
Rapid7 named a Most admired Startup company by Boston Business Journal SC Magazine Finalist Deloitte Fast 500 Award Logo ASC Award inc500 Award Logo 2009 Redherring Winner Logo 2009 Best Prodcuts Logo 2009 Tomorrow Tech Logo 2009 GPE Awrads Logo Finalist Hot Companies 2009 Logo Rapid7 Star100 Revised Graphic SC Award Nominee 2008 Nominee 2008 Global Exeellence SC Awards 2007 Finalist Hot Companies of 2007 Customer Trust Logo Hot Company 2006 Logo SC 2006 Awards Winner
Most Read
Most Downloaded
Press Releases