Adaptive Security dynamically collects and analyses security data, providing attack surface visibility with risk assessment. By focusing on important network changes, Adaptive Security helps IT security professionals better identify and understand their risk, and take action when necessary. Adaptive Security automatically identifies and assesses vulnerabilities and exposures when new assets join the network and when assets rejoin the network. Additionally, Adaptive Security will quickly analyse your security data to provide visibility into and show the potential impact of newly identified vulnerabilities.
Adaptive Security delivers the benefits of continuous monitoring without the noise of unfiltered alerts or the network performance tax of continuous scanning. Further, Adaptive Security automated actions are simple for customers to create because they require no coding and are flexible, so they can better meet specific user needs.
"Security teams are struggling to stay ahead of changes in their environments and the threat landscape while managing the noise that comes with traditional, continuous monitoring solutions. Adaptive Security cuts through the clutter and puts control back into the hands of IT security professionals," said Lee Weiner, senior vice president of products and engineering at Rapid7. “This level of ongoing awareness and visibility means that significant risks are quickly evaluated and teams are empowered to take action when necessary.”
Nexpose 6.0 also extends IT security teams’ ability to assess their attack surface by integrating data from Project Sonar – a research project from Rapid7 Labs that scans the internet every week for any external facing IP addresses associated with a given domain. The Sonar integration allows teams to discover internet accessible assets they may not have been aware of otherwise.
In 2014, three major vulnerabilities, Heartbleed, Shellshock,
and Poodle, left organisations of all sizes and stages of security maturity open to attacks from cyber criminals. Adaptive Security automatically scans for critical threats, like those mentioned above, and measures risk exposure against emerging vulnerabilities, providing context and prioritisation with Nexpose RealRisk and RealContext.
"Nexpose Adaptive Security allows me to understand my organisation’s exposure to threats, including newly discovered vulnerabilities, without having to initiate an assessment,” said Billy Lewis, director of information technology at State Garden. “As soon as a new vulnerability is discovered, I have a report detailing my risk – that’s very powerful.”