Rapid7 Nexpose 網絡漏洞偵測軟體
Rapid7 Nexpose
Take a holistic approach to vulnerability management Nexpose drives the collection of security risk intelligence to give you the insight you need to make more effective security decisions for your business. Scan 100% of your IT infrastructure Scan databases, web applications, network devices across both physical and virtual environments over IPv4 and IPv6 networks to ensure you know about all of your vulnerabilities. Accurately understand your real risk exposure Utilize continuous discovery of physical and virtual assets along with integrated information on Malware and Exploit exposure, Nexpose provides insight into your most significant risks. Prioritize vulnerabilities quickly and accurately Scans can uncover thousands of vulnerabilities; with Rapid7 Real RiskTM and 145 vulnerability filters, Nexpose effectively prioritizes your remediation efforts.
Verify vulnerabilities have been mitigated With integration with Metasploit, your security teams can automatically verify that mitigation efforts have been successful, reducing manual efforts and providing more effective risk reduction.
Key Benefits
Delivers these core capabilities: Unrivaled breadth of unified vulnerability scanning – Scans for over 35,000 vulnerabilities with more than 100,000 vulnerability checks in networks, operating systems, web applications and databases across a wide range of platforms. Ongoing vulnerability updates – Automatically provides vulnerability updates without user intervention. Delivers immediate Microsoft Patch Tuesday vulnerability updates within 24 hours to stay current with the changing threat landscape. Rapid7 Real Risk – Provides clear insight into the real risk of each unique environment by incorporating information on Exploit Exposure, Malware Exposure, and temporal risk scores as well as CVSS v2 scores. Comprehensive compliance and policy checks – Determine if your systems comply with corporate or regulatory policies such as PCI, HIPAA, NERC, or FISMA. Strong security configuration assessment – Centrally manage and modify your policies and easily detect misconfigurations in your environments. View policy dashboards and report compliance against regulations and auditing guidance such as FDCC, USGCB, and CIS benchmarks. Distribute step-by-step remediation plans Easily create and automatically distribute short, actionable, step-by-step remediation plans, which allows the IT team to focus on reducing risk important to your organization. Continuous discovery of virtualized assets – Native integration with VMware Center enables Nexpose to deliver real-time visibility of all virtual assets and insight into the threat exposure of those assets. Create and manage dynamic groups – Administrators can group assets according to customized risk strategies or other criteria to track and report on the status of those assets overtime. Robust predefined and customizable reports and dashboards – Leverage dozens of out-of-the box reports and view executive dashboards to obtain instant insight into your security posture. Create additional reports on the fly or include from community report template library. End-to-end enterprise workflow support – Manages and helps automate the end-to-end vulnerability management lifecycle including intelligent discovery, risk detection, testing and validation, actionable reporting and remediation. Effectively manages exceptions and policy overrides with approvals and escalations. Powerful administration management – Supports centralized administration for geographically or organizationally dispersed network environments provide role-based access for delegated administration and reporting and integrate with Active Directory, Kerbos, or any LDAP compliant directory. Extensive enterprise integration – Integrate Nexpose Enterprise with many third-party security, compliance and risk management solutions based on pre-built integrations and Nexpose’s XML-based Open API. Out-of-the box Metasploit® integration – Works with Metasploit to provide remote scan control, exploit identification and automated exploitation functionality. Flexible deployment models – Deploy as software, hardware appliance, virtual appliance, managed service or private cloud to meet your unique security assessment needs. Gain Greater Insight with “Understanding risk across virtual and physical environments can quickly become a daunting task if a complete view of assets and related exposures most vulnerable to an attack are not readily available. Companies have long needed a way to make smarter choices when managing their infrastructure and vendors like Rapid7 are helping to provide insight into actual and validated risks.” |