Rapid7 Nexpose is an impressive appliance. Although it falls into the hybrid category, its penetration-testing component is used specifically to validate the vulnerabilities the scanner finds and is not intended to be used on its own. This mirrors the way an attacker works: first find a weakness, then attempt to exploit it.
Set-up is plug-and-play, and the appliance can obtain its address via dynamic host configuration protocol (DHCP) if the network supports it. Set-up begins at the LCD display on the appliance and, once addresses are set, all further management and configuration is done through a regular web browser.
The user interface is clean and reporting is robust. Nexpose sports an easy-to-use, well-organised dashboard and supports a wide range of compliance reporting, including Payment Card Industry (PCI) standards.
The tool begins its work by scanning the network to discover devices for testing. Once the scans are complete, Nexpose performs automatic penetration testing in an attempt to exploit the vulnerabilities it found. Because a finding that can actually be exploited is not a false alarm, this greatly reduces false positives; the trade-off is slower scans. Nexpose found just over 80 per cent of the vulnerabilities in our test environment.
This appliance has some added capabilities we found impressive. For example, it provides trouble ticketing for remediation and makes risk-reduction recommendations based on the vulnerabilities it finds.
Documentation is comprehensive, clear and well-organised. The product comes with a quick-start guide that takes you through set-up. Phone support is available during office hours free of charge, and there is an optional 24/7 plan at additional cost. Updates to the vulnerability signature set are free and are released every three days. The website is full of support tools, such as FAQs, documentation briefs and other useful literature.
At between £1,000 and £2,000 for the appliance, plus £15,000 for a Class C (256-address) licence, Nexpose is not cheap. But it delivers a lot of bang for the buck.