Rapid7, a leading provider of IT security risk management software, today announced that the new capabilities of its vulnerability management solution, Nexpose, further simplify the complex challenge of IT security risk management. Nexpose 5.5 introduces new capabilities for configuration assessment and enhanced reporting to make it easier for security professionals to see and understand the risk associated with their IT assets, users, and the threats relevant to their organization. Additionally, the new version introduces the option to deploy Nexpose as a virtual appliance, extending Rapid7’s commitment to supporting virtual environments, as well as delivering ease-of-use and deployment flexibility for customers.

“Security professionals face a vast and complex challenge, and they need visibility into their organization’s risk exposure to help them make productive decisions to improve their position,” said Richard Perkett, vice president of Engineering, Rapid7. “The new capabilities in Nexpose streamline this process. Security professionals can get a full picture of risk across their IT assets, encompassing vulnerabilities and configuration issues, and presented in easy-to-use customizable reports. This enables better decision-making and increases the credibility of the security team across the organization.”

“As organizations go forward in an ever more dangerous IT environment, it is imperative that they have knowledge of the threats, vulnerabilities, and overall risk to their environment. Vulnerability assessment is a critical step in this and not only improves an organization’s overall security, but can reduce costs and make a company more competitive,” said Charles Kolodgy, vice president of research for Secure Products at IDC. “Capabilities such as integrated configuration assessment and enhanced reporting make security smarter and helps prioritize action and investment.”

The new enhancements to Nexpose 5.5 include:

Configuration Assessment

Organizations need to ensure they are complying with various policy standards, whether they are internal best practice standards, or from external regulatory bodies such as the National Institute of Standards and Technology (NIST). A part of this is ensuring their IT assets are configured in the right way. Traditionally, policy and compliance evaluation are done separately from vulnerability assessments, decreasing productivity for organizations that have to go through similar processes more than once. Version 5.5 extends Nexpose’s existing integrated configuration assessment capabilities by adding CIS Benchmarks, enabling security professionals to benefit from the increased efficiency of unified discovery, scanning, reporting and management.

Enhanced Reporting

Identifying areas of potential risk is crucial, and it is equally vital that the information around risk is presented in a way that is easy to understand and actionable, so the organization can move forward and act to minimize risk. This has traditionally resulted in security professionals spending a large amount of time on reporting, frequently without the real desired outcome of identifying whether the organization’s security posture is improving. Nexpose 5.5 addresses this, providing a simplified reporting workflow that enables users to create customized reports that put the information they need in their hands. Users can also benefit from pre-made templates out-of-the-box, as well as community-driven reports distributed through Rapid7’s community site.

Deployment as a Virtual Appliance

Rapid7 is committed to providing flexibility so customers can deploy Nexpose in whatever means best suits their environment and needs. The solution is already available on a physical appliance, a hosted SaaS solution, or as downloaded software. With the release of the latest version, users will also be able to deploy it as a virtual appliance later this month. This enables security professionals to quickly and easily deploy Nexpose in their virtual environment.

Pricing and Availability

Nexpose 5.5 is available immediately from www.rapid7.com. For information on pricing, please contact info@rapid7.com. For a free trial, please visit http://www.rapid7.com/products/nexpose/download.jsp.

About Rapid7

Rapid7 is a leading provider of IT security risk management software. Its integrated vulnerability management and penetration testing products, Nexpose and Metasploit, and mobile risk management solution, Mobilisafe, enable defenders to gain contextual visibility and manage the risk associated with the IT environment, users and threats relevant to their organization. Rapid7's simple and innovative solutions are used by more than 2,000 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by more than 175,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner®, Forrester® and SC Magazine. The Company is backed by Bain Capital and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.