NeXpose already provides organizations with visibility into their risk by scanning all critical assets for vulnerabilities and prioritizing threats for mitigation across the entire network. The volume of potential issues across servers, networks with thousands of IP addresses, databases and Web applications can overwhelm a security team if responsibilities and workloads are not properly distributed and balanced. For example, roles-based administration enables a security manager using NeXpose to align staff appropriately, ensuring siloed top-level clearance while distributing the power to remediate immediate security issues to a wider set of line administrators. The result is a reduced concern over insider threats and the maintenance of a sound fundamental security posture that enables quick and immediate response to vulnerabilities, limiting exposure and damage.
"Our main philosophy is that all security is local. We needed a tool that reduced vulnerabilities in the central systems but also gave local administrators the ability to scan their own networks and servers when necessary," said Randy Marchany, director of Virginia Tech IT Security Lab. "Rapid7 NeXpose's roles-based administration empowers departmental systems administrators to execute self scans of systems and analyze results before the central IT security organization reviews the data. As a result, departments are reducing their risk profiles and our central IT security organization can widen the use of NeXpose with confidence."
The roles-based component of NeXpose Security Console assigns default roles based on a pre-determined set of permissions; however it can be customized to scale with the needs of any individual organization. The five pre-defined roles are:
Global Administrator " provides the ability to perform all NeXpose Security Console functions for managing users, sites, scans, asset groups, vulnerabilities, reports and the console itself.
Security Manager " provides the ability to perform a subset of NeXpose functions related to sites, asset groups, scans and reports, all of which are at the Global Administrator's discretion.
Site Administrator " provides the ability to perform a subset of NeXpose functions with the key restriction operating within sites, not asset groups.
System Administrator " provides the ability to view data about discovered assets, run one-off scans manually as needed and create, modify and run reports.
Non-administrative user " differs notably from all other default roles. This role does not include the ability to run scans, rather provides two primary functions related to asset groups and reports: view data about discovered assets and create, modify and run reports.
"Our customers are always looking for new ways to increase the power of NeXpose," said Mike Tuchen, president and chief operating officer at Rapid7. "Adding roles-based administration to our NeXpose Security Console gives organizations increased flexibility and control to match their internal staff skills and resources in mitigating risk and vulnerabilities, thereby enhancing NeXpose's role as the foundation of their security strategy."
About Rapid7 Rapid7 is a leader in vulnerability management and compliance, delivering a single unified solution across an organization's entire infrastructure. Rapid7 NeXpose helps securities professionals to reduce their attack surface by providing actionable insights into the real threats from vulnerabilities across their entire IT infrastructure. Rapid7 NeXpose is the only solution that provides in-depth coverage of vital Web and database systems in addition to networked devices, servers, and operating systems. The NeXpose A.I. and Reporting Engines synthesize large quantities of raw data to provide direct insight into the vulnerabilities that represent the most risk to the business. From this insight the product delivers a set of prioritized remediation recommendations that help security professionals get protection fast. Organizations, including Black & Decker, Trader Joe's, Florida State University, the New York Times, and the City of Philadelphia, continually rely on Rapid7 products and services to mitigate risk and remain compliant. For more information, visit www.rapid7.com.