NeXpose Community Edition

Until now, many security experts and organizations have struggled to move beyond ad-hoc vulnerability scanning and penetration testing. The NeXpose Community Edition enables security professionals to start implementing a formalized vulnerability management program, prove the value of their security testing efforts and protect business data in critical infrastructure assets.

The NeXpose Community Edition offers a unique combination in the market; the power and management tools of an enterprise-class engine through NeXpose with the robust data set needed to ensure precise and accurate assessments through the direct integration of the Metasploit platform, the leading open-source penetration testing platform. The integration also gives users the flexibility to verify, validate and demonstrate the risk level of identified vulnerabilities, increasing the efficiency and value of the testing process.

The NeXpose Community Edition is a free, single-user version with many of the capabilities of the award-winning NeXpose Enterprise. Powered by the same scan engine that is being used by more than 1,000 enterprise customers, NeXpose Community Edition provides:

• Unrivaled breadth of vulnerability scanning - scans for more than 12,000 vulnerabilities with nearly 40,000 vulnerability checks based on pre-defined scan templates in networks, operating systems and databases (up to 32 IPs)..
• Regular vulnerability updates - automatically provides vulnerability updates without user intervention. Delivers immediate Microsoft Patch Tuesday vulnerability updates within 24 hours or less to stay current with the changing threat landscape.
• Prioritized risk assessment - identifies risk based upon how the vulnerability in one system affects another.
• Industry-first exploit exposure – leverages real exploit intelligence to perform risk classification.  As a result, large organizations with complex networks can make informed decisions and focus resources on remediating the most critical, exploitable vulnerabilities.
• Remediation guidance - helps resolve vulnerabilities quickly and easily with the information provided in remediation reports.
• Accurate scan results - delivers accurate scanning results in less time with an expert system that combines traditional scanning methods with assessment processes modeled after human decision making.
• Out-of-the box Metasploit integration - works with the Metasploit Framework to provide remote scan control, exploit identification and automated exploitation functionality to NeXpose users.
• Extensive community support - provides collaboration and knowledge exchange among security professionals via full access to the Rapid7 Community Portal at http://community.rapid7.com.
• Simple deployment- easily deploys as a software solution on laptops and desktops.
• No cost start-up security solution - provides a free entry-level vulnerability management solution.

Who should use the the NeXpose Community Edition?

• Security experts and organizations of any size who want to start a no-cost and proactive security testing program.

Who should upgrade to the NeXpose Express Edition?

• Organizations should upgrade from the NeXpose Community Edition to the NeXpose Express Edition if they require:
• • Scanning capabilities for more than 32 IPs
  • Custom scan and report configuration, email alerting
  • Full report export capabilities beyond simple XML
  • Web applications scanning
  • Compliance and configuration scanning
  • Support beyond the community options provided by Rapid7