For the first time, organisations will be able to ensure that their virtual environments do not represent potential hidden security threats. Rapid7 already provides integrated security risk intelligence to map known exploits against found vulnerabilities, helping organisations prioritise which vulnerabilities to remediate first; increasing user productivity and enhancing the organisation’s security posture in a significant way. Nexpose 5.0 will augment this intelligence with the introduction of its patent-pending Real Risk™ technology that leverages Rapid7® Malware Exposure, identifying which vulnerabilities are currently exploited by malware, and making the risk scores used for prioritized remediation even more meaningful and contextual to security teams.
“There is no silver bullet for addressing the issue of security, so it is essential that organisations are armed with real security risk intelligence and innovative solutions to identify, understand, prioritise, and address the specific threats and risks facing them every day. A critical element of this is ensuring that defenders can keep up with the IT deployment paradigms that are shaping the threat landscape,” said Mike Tuchen, president and CEO of Rapid7. “Nexpose 5.0 represents a leap forward in this innovation, delivering practical discovery and scanning options for virtual environments. Combined with the latest malware intelligence, customers can make sensible, prioritised remediation decisions across their virtual and physical environments.”
Vulnerability Management Encompassing Virtualised Environments
According to analyst firm Gartner, “more than 80% of enterprises now have a virtualisation program or project”, with wide scale adoption being driven by significant proven benefits including lower cost of ownership, accelerated hardware ROI, and a simplified physical infrastructure. However, these new deployment models requires a shift in security paradigms. From 2005 to 2009, the number of annually disclosed virtualisation vulnerabilities increased by more than 300%, with new classes of vulnerabilities affecting management consoles, management servers, administrative VMs, guest VMs, and hypervisors. As the interest in virtualisation has increased, so has the severity of these vulnerabilities, with 40% classified as "high severity".
Rapid7 is proactively addressing this emerging threat with Nexpose 5.0: the first vulnerability management solution to offer organisations patent-pending vScan technology, which enables continuous discovery of virtual machines in their dynamic environments, ensuring they are included in scanning, prioritisation and remediation efforts. Virtualisation management metadata is used to discover and track assets in their virtualised infrastructure, giving defenders an up-to-date and accurate view of real risk across their entire physical and virtualised infrastructures. Changes to the status of virtual machines are updated automatically as they are migrated to new hosts or switched on and off. Once discovered, these assets can be classified by the specific factors that are important to security and operational professionals and Nexpose will dynamically update users if any of those key factors change in the assets so they can be appropriately re-classified. These capabilities for virtualisation management will initially be available for VMware vCenter™ Server.
Risk Analytics Incorporating Malware Information
Rapid7's approach to security risk intelligence propels vulnerability management beyond the capabilities of other solutions, enabling clearer insight into the real risk of each unique environment it scans, driving more efficient and dramatic reductions to risk exposure. Nexpose 5.0 introduces Nexpose® Real Risk, the industry’s most comprehensive risk intelligence system. Building on the breakthrough Exploit Exposure – the ability to map identified vulnerabilities to known exploits – Nexpose Real Risk adds Malware Exposure, enabling defenders to factor malware kits into risk intelligence. This gives defenders a significant boost in proactively identifying the vulnerabilities that represent the greatest risk and prioritising their remediation for the greatest productivity and improvement of security posture.
Most vulnerability management solutions do not account for the risk of malware as part of an overall risk assessment. In 2010, 49% of data breaches involved malware, though only 13 vulnerabilities were exploited in this way. Proactive identification of those vulnerabilities that can be leveraged by malware enables defenders to prioritise these for treatment, greatly enhancing their security. Nexpose Real Risk is further enhanced by new trending capabilities that enable defenders to dynamically track and report on critical physical and virtual IT assets over time, even if these assets change, come online or are powered off.
“Understanding risk across virtual and physical environments can quickly become a daunting task if a complete view of assets and related exposures most vulnerable to an attack are not readily available," said Andrew Hay, senior analyst, Enterprise Security Practice, The 451 Group. "Companies have long needed a way to make smarter choices when managing their infrastructure and vendors like Rapid7 are helping by providing insight into actual and validated risks.”