One of Nexpose's core promises, is that we will give you actionable visibility into your physical, cloud, and virtual environments to help you identify what assets are on your network, and what are the most critical security risks to remediate. As a part of supporting that visibility, Rapid7 and VMware announced last August, that Rapid7 is the first VMware NSX network and security platform ecosystem partner for vulnerability management.  This partnership delivers a revolutionary approach to vulnerability management in conjunction with the software-defined data center (SDDC).    By scanning directly through the hypervisor, security teams can reduce the load on the network, improve security with comprehensive analysis, and automatically isolate risky assets.  Let's take a look at how this improves visibility and helps you create an appropriate action plan.

With VMware NSX, you can easily use isolation and segmentation as a security best practice which makes it easy for security teams to create virtual networks that match their unique needs and their security best practices   These networks can be updated frequently and easily as the needs of the business change.  This is where the Rapid7-VMware interoperability shines, since Nexpose scans directly through the hypervisor, it has full visibility into all the virtual machines regardless of the virtual network topology. Interoperability at the hypervisor level also means that administrators can get the benefits of credentialed scans without the overhead of having to manage credentials.   This ensures an up-to-date and accurate picture of your full virtual network.

Running in a software-defined data center, security teams can easily deploy a layered approach to security.   However, identifying and remediating the top vulnerabilities, misconfigurations and missing controls remains essential. Looking at the context around a security risk can help to ensure that the team is focused on the most important updates.  For example, does that server that's exposed to the internet have a remote code execution vulnerability with a Metasploit module available?  What about a virtual machine that is vulnerable to an Adobe Reader zero-day?  Armed with this insight, you can efficiently prioritize and remediate the greatest risks.

However, not even the most efficient security team can be on top of every security risk every time.   When interoperating with Rapid7, VMware NSX can trigger an automated workflow to protect organizations from an attack on a weakness in the operating system or an application on a virtual machine.  If there is a high risk vulnerability identified, Nexpose will automatically create a security-tag on that virtual machine in VMware NSX.  Security teams can use this tag to automatically put the VM into a "secure" virtual network segment or in an isolation area. This segment can be a quarantined area or one that has limited access to the rest of your network.  Attackers will not be able to get to these vulnerable systems.  After the high risk vulnerabilities are remediated, the virtual machine will be moved back to its original location.  This real-time approach reduces the attack surface and buys additional time to remediate the vulnerability.

We are excited about this partnership and the ways that Nexpose and VMware NSX customers can get actionable visibility into the most important vulnerabilities in virtual machines on their network and the automated protection of being able to quarantine risky assets

If you'd like to find out more about this innovative integration, please contact us at info@rapid7.com, call 866-7-RAPID7, or read our datasheet.