Rapid7 Nexpose v5.5
February 01, 2013
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Quality and history of the company’s knowledge base.
- Weaknesses: Did not see an automated ticket-escalation feature.
- Verdict: Outstanding product.
Nexpose assists clients through the entire vulnerability management lifecycle - from discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation. Organizations can use the Nexpose toolset to gain insight into their security posture and IT environment. Nexpose's intuitive graphical user interface (GUI) makes it easy for clients to run scans for known vulnerabilities on their network. Users also can configure the product to scan their websites and servers for web application vulnerabilities to determine their overall level of policy compliance in one unified product and scan of their network. Nexpose presently has more than 97,000 checks and 34,000 vulnerabilities. It includes metadata around each of the discovered vulnerabilities on the network. The solution data allows users to view standard metrics to see which common vulnerabilities and exposures (CVE) and common configuration enumeration (CCE) identifiers, common vulnerability scoring system (CVSS) risk scores, and others, such as information assurance vulnerability management (IAVM), to use when researching a discovered vulnerability. Rapid7 enhances the public metrics with information about any known malware and exploits associated with a vulnerability, as well as detailed remediation information that allows users to fully comprehend the tasks and time required to remediate the vulnerability. Users can use the integration between Nexpose and Metasploit to verify vulnerabilities, determining not only that the vulnerability exists on the system, but also that it can be exploited by an attacker.
We were impressed with the quality of the vulnerability scanner. The number of discovered vulnerabilities was extremely high. Validation of the vulnerabilities was excellent. The remediation recommendations were clear and, by taking advantage of the long history of the product's vulnerability/exploit engine, went well beyond just reciting CVE information. It then delivered clear remediation recommendations. Overall, the performance of the system was strong.
Documentation included an intuitive "help" function. The company's website provides the typical assistance documentation, such as a searchable knowledge base and a FAQ. Other documentation includes Rapid7 Community, Rapid7 Self-Help, a knowledge base and more.
The company's support structure is fairly complicated. Telephone and email aid is offered to all customers of Rapid7 as a component of their license fee and each annual renewal. Clients who have purchased Nexpose Enterprise also benefit from a dedicated account manager, who schedules regular check-ins, offers industry insights, can organize professional or technical training, and can help resolve any problems. Support offers 24/7 incident response times, 24-hour vulnerability service level agreements (SLAs), and reliable testing guarantees.
Rapid7 offers 5/24 support and 2/24 support for issues that are considered critical. It operates on a support model that escalates critical issues for all customers. Other levels of help include: eSupport software releases, updates, fixes, and telephone support (Monday to Friday, 8 a.m. to 8 p.m. EST).
Overall, the value for the cost is good.
Sign up to our newsletters
SC Magazine Articles
- Zero-day in Fiat Chrysler feature allows remote control of vehicles
- 'GSMem' malware designed to infiltrate air-gapped computers, steal data
- All smartwatches are vulnerable to attack, finds study
- Fake games in Google Play redirect Android users to porn sites
- Apple App Store and iTunes buyers hit by zero-day
- United reportedly hacked by same group that breached Anthem, OPM
- HAMMERTOSS malware represents culmination of 'best practices' for cyber attackers
- Hundreds of Massachusetts General Hospital patients notified of data incident
- Majority of Android devices vulnerable to denial-of-service bug
- Security concerns raised at Windows 10 roll-out