Rapid7’s NeXpose 2011 Summer Release Adds Private Cloud Support and Superior Scalability for Enterprises and MSSPs

Rapid7®, the leading provider of security risk intelligence solutions, today announced the launch of NeXpose® 2011 Summer Release, the latest update of the Company’s award-winning vulnerability management solution, providing superior deployment flexibility, availability, ease-of-integration and scalability for today’s demanding enterprises and MSSPs. A key highlight of this release is Rapid7’s support for private cloud deployments based on its multi-tenant architecture. This further extends Rapid7’s offering of the industry’s broadest deployment flexibility for vulnerability management, which includes options for software, appliances, virtual appliances, managed services, laptops and private clouds.

“Organizations are looking for solutions that fit their particular needs rather than technology suppliers forcing a specific business model on them,” said Mike Tuchen, president and CEO, Rapid7. “By offering more flexibility, scalability, ease-of-integration, and unrivalled risk insight, we’re helping organizations meet their most critical security challenges without adding undue complexity to their existing operations. We are extremely excited about the options that this latest version of NeXpose brings to the entire industry.”

NeXpose 2011 Summer Release is part of Rapid7’s integrated security risk intelligence solution portfolio that also includes Metasploit®, the leading penetration testing platform with the world’s largest database of public, tested exploits. Rapid7’s integrated security risk intelligence solutions empower organizations to obtain accurate, actionable and contextual insight into their threat and risk posture. Unlike traditional point solution vendors, Rapid7 is uniquely positioned to deliver a closed-loop solution to determine the existence and likelihood of risk through details on vulnerabilities, exploits and misconfigurations. This solution assesses the potential impact of these threats through standards-based and customizable risk scoring, as well as delivering clear and concise recommendations on mitigation and remediation strategies.

Highlights of the NeXpose 2011 Summer Release include:

Vastly Expanded Deployment Flexibility with the Addition of Private Cloud Support and Added Platforms

With the introduction of multi-tenancy, organizations can now deploy NeXpose in a variety of ways to best suit their environment, including options for software, appliances, virtual appliances, managed services, laptops and private clouds. Organizations can also easily mix and match any of the deployment options, for example, to support security assessments in the field with mobile laptops while leveraging virtual appliances for centralized security assessments of data centers. MSSPs can easily leverage NeXpose’s multi-tenant architecture to maintain silos of information among its various clients while achieving economies of scale of shared infrastructure.

"As a partner and early adopter of Rapid7’s multi-tenant MSSP technology, IBM has been able to deliver our cloud-based vulnerability management service to enterprise customers around the globe. By bringing this technology to the market, we can help customers to manage their security risk with reduced cost and complexity,” said Marisa Viveros, vice president, IBM Security Services.

NeXpose 2011 Summer Release can now be deployed on a multitude of operating systems. In addition to previously supported platforms including Windows® Server 2003, VMware ESXi 4, Red Hat Enterprise Linux 5 and Ubuntu 8.04 LTS, NeXpose now supports Ubuntu 10.04 LTS, Windows 2008 and Windows 7 to provide even greater deployment flexibility.

Enhanced Scalability, Performance and Availability

Based on NeXpose’s Next Generation Database Architecture – first introduced in April 2011 in NeXpose 4.11 – the 2011 Summer Release adds dynamic scan pooling. Without requiring any manual intervention, the pool of available engines that can be leveraged for vulnerability scanning, now dynamically adjusts scan jobs to provide greater efficiency, scanning performance and reliability. Additionally, by pooling connections, page load times, reporting times and memory requirements are significantly reduced.

Ease-of-Integration and Expanded API Management

Rapid7 has also enhanced its enterprise support with enriched integration and API management capabilities. Already supporting more than 25 pre-built connectors to SIEM, GRC, IDS/IPS, network topology, penetration testing and other security solution categories, NeXpose’s XML-based open API has been further extended to support large enterprises and MSSPs. This enables easier configuration of NeXpose to integrate with third-party systems and simplify common administrative tasks, such as for automated ticketing and workflow management.

Improved Administrative Capabilities

NeXpose 2011 Summer Release also includes improved administrative capabilities for more flexible permissions, enhanced reporting and improved workflow support for vulnerability exceptions. With additional pre-defined roles and more than 15 new permissions, end-users can easily customize permission levels and select who receives access to systems and controls. In addition, Rapid7’s site risk trend report offers increased trending analysis based on risk score to provide more granular report control options.

“This release of NeXpose offers us increased accuracy and precision for our vulnerability scanning. For example, the new workflows for vulnerability exceptions are really efficient: they enable me to delegate adding information to the relevant person, so we get the most accurate scans, tailored to our organization, while reducing the workload. Likewise, the permissions are more granular in this release, which gives us the ability to be exact with permissions, meaning we are more accurate in giving people only the access they absolutely need,” said Jeremy Wood, senior security engineer, Norwich University. “We already love NeXpose for the unique features it offers, particularly the tight integration with Metasploit, and this new release really just builds on that to make it even better!”

Rapid7’s NeXpose 2011 Summer Release is now generally available for public use. For more information, please visit http://www.rapid7.com/products/vulnerability-management.jsp.

About Rapid7

Rapid7® is the leading provider of security risk intelligence solutions. Rapid7’s integrated vulnerability management and penetration testing products, NeXpose® and Metasploit®, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7’s solutions are being used by more than 1,600 enterprises and government agencies, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies worldwide by Inc. Magazine and is backed by Bain Capital Ventures. For more information about Rapid7, please visit http://www.rapid7.com.