PRESS RELEASE

BOSTON--(BUSINESS WIRE)--Rapid7', the leading provider of unified vulnerability management and penetration testing solutions, today announced the latest version of its flagship product, NeXpose' 4.9, continuing its introduction of innovations like NeXpose Community Edition, Exploit Exposure™ and Metasploit Express™. Now, government agencies facing Federal Information Processing Standard (FIPS) 140-2 Certification requirements, and enterprises that adopt this government standard, can benefit from NeXpose’s ability to scan the broadest level of assets, integrate with the Metasploit Framework and implement a FIPS-certified cryptographic library. NeXpose 4.9 also offers users improved Web server performance and an offline activation feature that complies with specific Internet security policies.

“Our latest version of NeXpose has once again proven our dedication to improving our product offerings according to prevalent needs in the industry including compliance regulations, security policies, performance and scalability”

FIPS 140-2 is the U.S. standard for accrediting cryptographic modules that are deployed in a wide range of applications and environments. As a result of these requirements, government agencies can only utilize products and services that use FIPS-certified algorithms. With NeXpose 4.9, agencies can adopt a comprehensive vulnerability management solution for proactive security, as the latest version includes a FIPS mode that implements a FIPS-certified cryptographic library to encrypt communication across a user’s browser and application programming interface (API). With the FIPS mode, NeXpose 4.9 also caters to enterprise organizations that adopt government standards for their own policies and best practices in their security systems. NeXpose’s use of a FIPS-certified cryptographic library that addresses Web browsers and APIs enable enterprises to use government-sanctioned technology to better protect against the latest growing threat of attacks.

To address government agencies and enterprises with strict guidelines about connecting their networks to third party products and services via the Internet, NeXpose 4.9 users can download NeXpose updates without having to connect their NeXpose server directly to the Internet. With easier access to countless updates, such as new vulnerability signatures, users can now obtain information faster, while still remaining compliant with their security policies. In addition, NeXpose 4.9 includes significant enhancements to the Web architecture, which dramatically improves the scalability and performance of the user interface. These changes enable NeXpose to continue supporting enterprises as they deploy NeXpose in ever-growing IT environments.

“Our latest version of NeXpose has once again proven our dedication to improving our product offerings according to prevalent needs in the industry including compliance regulations, security policies, performance and scalability,” said Mike Tuchen, president and CEO of Rapid7. “With our aggressive efforts to push the boundaries of innovation, we’ve significantly expanded our reach across multiple verticals. Our goal is not to simply rest on what we’ve accomplished, but continue to build on these achievements and enhance the quality of products on the market today.”

Rapid7 has a history of introducing products and features that address the security challenges of a variety of industries and company sizes. With NeXpose Community Edition, the company provides SMBs and consultants with a no-cost vulnerability management product with out-of-the-box Metasploit integration. Further leveraging its relationship with Metasploit, Rapid7 introduced Exploit Exposure, enabling customers to benefit from real exploit data to prioritize the vulnerabilities with the highest risk. In addition, Metasploit Express delivers a low-cost, easy-to-use, penetration testing tool to the masses. NeXpose 4.9 now becomes the newest product to answer demands for improved performance and scalability and security requirements for entities in highly regulated environments.

This release builds upon the numerous enhancements in NeXpose since 4.8, including its Security Content Automation Protocol (SCAP) Unauthenticated Scanning Certification and integration with multiple technology partners such as ArcSight, SecureWorks and Symantec. With more than 15,000 additional vulnerability checks over the last 15 months, Rapid7 NeXpose now scans for more than 55,000 checks and will continue its momentum with this latest version. NeXpose 4.9 will be generally available later this month.

About Rapid7

Rapid7 is the leading provider of unified vulnerability management and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC. Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits. To obtain a free download of NeXpose or Metasploit, please visit http://www.rapid7.com/resources/free-downloads.jsp.