Over the past year our Nexpose team has taken on the challenge of overhauling our product and internal processes to enable more frequent and seamless content releases. The objective is simple, get customers content to their consoles faster without disrupting their workflow and currently running or scheduled scans. This enables security teams to respond to industry trends much faster and coupled with our new adaptive security feature enables low impact delta scans of just the new or updated vulnerabilities. This ensures that the cumulative view of your assets are always fresh with current vulnerability findings. Add in some automated alerts, auto generated reports, custom dashboards and you've got a workflow for staying on top of your network.

Content updates include:

  • New or updated vulnerability descriptions, vulnerability checks, remediation guidance (solutions).
  • New vulnerability categories (new platforms, applications).
  • New or updated software fingerprints (operating systems and applications).
  • Updated vulnerability correlation, exploit, malware, supersedence, etc. metadata.

Our Content Delivery Vision

To react accurately and quickly to vendor releases of security advisories and industry trends, allowing stakeholders to contextualize risk and affected scope with minimal effort and operational impact, then take action and validate the remediation efforts.

Where Are We Now

We're happy to share the news that for over a month now, we've been quietly releasing content updates to our customers as quickly as feasible and at minimum, on a daily basis (Monday – Friday and on weekends as needed). We've built automation that enables the generation, testing, packaging and seamless delivery of new content far more frequently (with no scanning impact, nor need to restart your consoles and engines). Moving forward you can expect more of the same as we continue progress towards the vision shared above.

How Do I Use This

So how do you take advantage of the increased update cadence? If your running Nexpose and have updates enabled you'll automatically be receiving the latest and greatest product and content enhancements. The good news is you've already started taking advantage of these new capabilities. Take a look at our blog post on adaptive security and automatically triggering delta scans when updated vulnerability content is released. If you're interested, dig in a little deeper to find out how adaptive security fits into your Vulnerability Management Program. Combining frequent updates, adaptive security, our built-in alerting and reporting capabilities, you've got a potent workflow to stay on top of the risk in your environment.

As always, we'll continue building the functionality our customers ask for (feedback is always appreciated), we've got an exciting pipeline of enhancements planned that'll further streamline the workflow to reduce your risk of a breach.

Onwards and upwards!
David Picotte
Manager of Engineering, Security