• Nexpose
  • Overview
  • Features
  • Architecture & Open API
  • Try NeXpose
  • Buy NeXpose
  • System Requirements
  • Vulnerabilities Tested
  • NeXpose Information
• Solutions
  • Web Application VA
  • Database VA
  • Network & OS VA
  • Compliance Scanning
• Services
  • PCI Compliance Testing
  • Penetration Testing
  • Web Application Security Audits
  • Best Practices Consulting
  • Social Engineering
  • NeXpose Training
• Support
  • NeXpose FAQ
  • System Requirements
  • Support Form
  • Vulnerabilities Tested
  • Customer Center Login
• Security Center
  • Advisories
  • Vulnerabilities Tested
  • Compliance
  • White Papers & Articles
  • SSHredder Test Suite
• Company
  • Management
  • Board of Directors
  • Investors
  • Customers
  • Partners
  • Press Room
  • Events
  • Careers
• Customers

Why Choose NeXpose?

NeXpose Unified Vulnerability Management combines vulnerability assessment, risk management, policy and compliance reporting, remediation guidance, and automated ticketing into one integrated package. NeXpose is the broadest and deepest vulnerability management solution on the market, providing comprehensive, high performance coverage of network, databases and Web applications, including Web 2.0 and JavaScript. NeXpose accurately scans your complete IT environment to find threats, assess their risk and devise a remediation plan to quickly eliminate these risks. Extensive and flexible reporting shows how certain vulnerabilities can effect an IT environment, helping security professionals prioritize the remediation effort, secure their networks and achieve compliance with government regulations, security configuration policies and the PCI Data Security Standard. NeXpose helps companies implement a measurable and proactive vulnerability management process to ensure a high level of network security without compromise.

NeXpose Benefits

• Reduces the time, risk and cost associated with finding and fixing security vulnerabilities
• Helps organizations assess and maintain strong network security and comply with mandatory regulations
• Ensures that all of your systems, databases and applications are secured without the cost of multiple products

NeXpose Features

• Flexible deployment options - Deploys as an appliance, software or managed service, or any combination, to meet any organization's deployment requirements.
• Broad platform coverage - Scans the entire network and consolidates the information into one centralized database. Being able to assess network devices, scan Web applications, and inspect databases and Lotus Notes applications for exposures and policy violations helps organizations understand the complete picture of security across their entire networked environment.
• Risk Assessment and Management – Provides an accurate and thorough analysis on how a vulnerability in one system affects another, ensuring the organization maintains up-to-date insight into how its vulnerabilities impact the entire enterprise. Risk scores are assigned to each asset based on several factors that weigh the relative risk of discovered vulnerabilities, facilitating smoother prioritization of remediation tasks.
• Policy Compliance Checking & Reporting – Determines if the enterprise network systems comply with governmental regulations (SOX, HIPAA, GLBA), industry-recommended security policies, and corporate standards and best practices. NeXpose provides a policy compliance report that enables IT managers to determine which systems are violating regulations and policies.

Click to Enlarge
• Ticketing with Remediation Workflow – Enables organizations to manage the remediation workflow process with a built-in ticketing system, implementing an approach for fixing vulnerabilities quickly and easily using information contained in remediation reports. Remediation tasks are delegated to the analysts and administrators responsible for individual systems. They can generate, track and close tickets and have clickable access to patches, example solutions and expanded information about system vulnerabilities. This provides a complete resolution process, ensuring critical vulnerabilities are fixed immediately.
• Java Expert System Shell (JESS) – Incorporates an expert system into the NeXpose Scan Engine that performs extensive system checks to dig for exposures other products cannot reach. Like a hacker, our expert system uses discovered vulnerabilities to attempt to penetrate systems, revealing exposures without compromising the network.
• Asset groups with access control - Creates arbitrary collections of devices and machines known as asset groups, allowing organizations to divide security responsibilities across the enterprise and assign information access to specific users. More users are thus involved in network security across Web servers, databases, operating systems and network hardware.
• Accurate Scan Results - No False Positives - The highly intelligent NeXpose expert system enables organizations to scan systems accurately and produce definitive proof of the vulnerabilities discovered. Because NeXpose exploits vulnerabilities and leverages those exploits to access other systems, it can effectively calculate the true risk to the total environment and provide an understanding of how vulnerabilities create risk. This capability reduces false positive reporting to less than 1%, providing faster and more accurate reporting across the entire enterprise network.
• Auto-update - Automatically accesses the Rapid7 servers for the latest information on new vulnerabilities, transparently updating on a scheduled basis to prevent an organization from inadvertently leaving their network exposed.

Click to Enlarge
• Customizable reports - Provides extensive reporting on vulnerabilities in formats suitable for a wide range of audiences, from upper management to system administrators. Reports can be generated providing baseline comparisons, trends, policy evaluations, remediation plans, audits and executive overviews.
• Hosted scanning - Tests for vulnerabilities from both inside and outside the firewall, ensuring your perimeter is protected from external threats.

NeXpose is the most complete vulnerability management solution available, delivering advanced, automated features and expert system technology in one integrated package to enable continuous protection from IT security threats.

Copyright © 2001 - 2008, Rapid7, LLC. All Rights Reserved.

• Home
• |
• Nexpose
• |
• Solutions
• |
• Services
• |
• Support
• |
• Security Center
• |
• Company
• |
• Contact