Nexpose v5.5
Strengths: Quality and history of the company’s knowledgebase
Weaknesses: We did not encounter an automated ticket-escalation feature when testing the product
Verdict: An outstanding vulnerability management product
Rapid7's Nexpose assists clients through the entire vulnerability management lifecycle - spanning discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation. Organisations can use it to gain insight into their security posture and IT environment.
Nexpose's intuitive graphical user interface makes it easy for clients to run scans for known vulnerabilities on their network. Users can also configure the product to scan their websites and servers for web application vulnerabilities to determine their overall level of policy compliance.
Nexpose presently has more than 97,000 checks and 34,000 vulnerabilities, and it includes metadata around each vulnerability discovered on the network. This data gives users the standard metrics, such as Common Vulnerabilities and Exposures (CVE) identifiers, Common Configuration Enumeration (CCE) identifiers, Common Vulnerability Scoring System (CVSS) risk scores and others, such as Information Assurance Vulnerability Management (IAVM) references, to use when researching a discovered vulnerability.
Rapid7 enhances these public metrics with information about any known malware and exploits associated with a vulnerability, and with detailed remediation information that lets users fully understand the tasks and time required to fix it. The integration between Nexpose and Metasploit can be used to verify that a vulnerability is genuinely exploitable, so users can focus remediation on the issues that pose real risk to their environment.
Deployment options include software, hardware and virtual appliances, as well as a managed service. The lab evaluation installation was done from a CD provided by Rapid7 that included two installers, Windows 64-bit and Linux 64-bit, and a Readme file containing the activation code. Installation was simple; once it completed, the application, installed on Windows Server Enterprise 64-bit hosted on ESXi, was accessed through a browser. Configuration was easy and we were up and running in less than ten minutes.
We were impressed with the quality of the vulnerability scanner. The number of discovered vulnerabilities exceeded that in all our other tests, and validation of the vulnerabilities was excellent. Drawing on the long history of the product's vulnerability/exploit engine, the remediation recommendations went well beyond reciting CVE information and were clear and actionable. Overall, the performance of the system was very strong.
Documentation included an intuitive help area. The company's website provides the typical assistance documentation, such as a searchable knowledgebase, FAQs and the Rapid7 community and self-help functions.
The company's support structure is fairly complicated. Telephone and email aid is offered to all customers as part of their licence fee and annual renewal. Support offers 24/7 incident response, 24-hour vulnerability service level agreements and reliable testing guarantees.
At a cost of £21,985 for 256 IPs, we find Nexpose v5.5 to be excellent value.