Expose on Nexpose
June 21, 2017

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Rapid7 NeXpose

Nexpose from Rapid7 is a vulnerability scanner that supports the vulnerability management lifecycle. It addresses discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. There is a wide variety of versions available: standalone software, an appliance, virtual machine, a managed service, or a private cloud deployment. User interaction is through a web interface. There is a free (but limited) community edition. It integrates Metasploit for vulnerability exploitation, which provides very timely results against known and active vulnerabilities.

Pros

  • Timely content by virtue of being tied to Metasploit
  • Easy to use interface
  • Depth across the security life cycle

Cons

  • Management side of things is a bit less functional than [Nexus]
  • Perhaps more robust reporting for higher level reporting
  • The alerting/messaging system could use additional flexibility
  • Can reduce time to patch most critical vulnerabilities
  • Can help to identify who is spending time patching things of lower risk thus keeping the organization in a more vulnerable position
  • Easily provides the patch team with a work plan to enhance security more quickly

Tenable has a more refined look for the reporting that it provides as a result of scanning events, but Nexpose seems to have a better ability to help quantify risk and help prioritize the work needed to get the quickest security result for the team and the company. The Nessus Passive Vulnerability Scanner is a highly desirable tool but can be supplanted with some thought and coding.

Rapid7 is well suited for security operations teams and includes an ability to tie almost anything into it via the Ruby API. The reporting provides prioritization of results which easily directs the team to get the quickest security gains with the least amount of effort, "apply this patch to remediate this amount of vulnerabilities on this device."
