Rapid7 Nexpose v5.5
Strengths: Quality and history of the company’s knowledge base.
Weaknesses: Did not see an automated ticket-escalation feature.
Verdict: Outstanding product.
Nexpose assists clients through the entire vulnerability management lifecycle - from discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation. Organizations can use the Nexpose toolset to gain insight into their security posture and IT environment. Nexpose's intuitive graphical user interface (GUI) makes it easy for clients to run scans for known vulnerabilities on their network. Users also can configure the product to scan their websites and servers for web application vulnerabilities to determine their overall level of policy compliance in one unified product and scan of their network. Nexpose presently has more than 97,000 checks and 34,000 vulnerabilities. It includes metadata around each of the discovered vulnerabilities on the network. The solution data allows users to view standard metrics to see which common vulnerabilities and exposures (CVE) and common configuration enumeration (CCE) identifiers, common vulnerability scoring system (CVSS) risk scores, and others, such as information assurance vulnerability management (IAVM), to use when researching a discovered vulnerability. Rapid7 enhances the public metrics with information about any known malware and exploits associated with a vulnerability, as well as detailed remediation information that allows users to fully comprehend the tasks and time required to remediate the vulnerability. Users can use the integration between Nexpose and Metasploit to verify vulnerabilities, determining not only that the vulnerability exists on the system, but also that it can be exploited by an attacker.
We were impressed with the quality of the vulnerability scanner. The number of discovered vulnerabilities was extremely high. Validation of the vulnerabilities was excellent. The remediation recommendations were clear and, by taking advantage of the long history of the product's vulnerability/exploit engine, went well beyond just reciting CVE information. It then delivered clear remediation recommendations. Overall, the performance of the system was strong.
Documentation included an intuitive "help" function. The company's website provides the typical assistance documentation, such as a searchable knowledge base and a FAQ. Other documentation includes Rapid7 Community, Rapid7 Self-Help, a knowledge base and more.
The company's support structure is fairly complicated. Telephone and email aid is offered to all customers of Rapid7 as a component of their license fee and each annual renewal. Clients who have purchased Nexpose Enterprise also benefit from a dedicated account manager, who schedules regular check-ins, offers industry insights, can organize professional or technical training, and can help resolve any problems. Support offers 24/7 incident response times, 24-hour vulnerability service level agreements (SLAs), and reliable testing guarantees.
Rapid7 offers 5/24 support and 2/24 support for issues that are considered critical. It operates on a support model that escalates critical issues for all customers. Other levels of help include: eSupport software releases, updates, fixes, and telephone support (Monday to Friday, 8 a.m. to 8 p.m. EST).
Overall, the value for the cost is good.