We wanted to give you a preview into Nexpose's new integration with both McAfee ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the next stage of our partnership with Intel as their chosen vendor for vulnerability management [PDF]. This partnership is also a first for both Rapid7 and Intel, as Nexpose is the only vulnerability management solution to not only push our unique risk scoring into ePO for analysis, but also automatically import asset data from ePO and threat intelligence from DXL into Nexpose for better discovery and prioritization. On top of that, we publish vulnerability data to DXL so that your entire DXL eco-system can benefit from this intel (pun fully intended). The integration is currently in its final stages, so here's what you have to look forward to:
ePO and Nexpose: Correlating risk, and ensuring no asset goes unscanned
ePO lets you deploy, manage and report on a huge portion of your security program - from endpoint protection right out to the gateway. Now you can overlay this information with the susceptibility of your systems to a real world attack, by importing our unique risk score that incorporates vital context including exploit exposure, vulnerability age and malware exposure to show you the vulnerabilities and assets an attacker is most likely to target.
In addition, ePO and Nexpose communicate asset information, ensuring coverage accuracy for the crucial first step of any scan: Discovery. Not only can you import current ePO asset details into Nexpose, making initial set up a breeze, you can automatically import newly discovered ePO assets too, so your vulnerability management team always has the complete picture of your network (or if you're a one man shop or an elite team of security oracles, you don't have to waste time doing the same work with multiple products).
DXL and Nexpose – share vulnerability info and automate exploit response
The McAfee DXL platform lets multiple products collaborate and share information with each other – it's essentially a force multiplier for your security program. Nexpose and DXL customers correlate Nexpose risk scores and vulnerability data with other products in the ecosystem. Via Intel's Threat Intelligence Exchange (TIE), Nexpose can also identify systems that may have been compromised and prioritize them for remediation. No other vulnerability management tool provides this kind of insight to the Intel Security partner ecosystem.
Keep an eye out for detailed blog posts on each of these integration points over the next few weeks; in the meantime, check out our webcast on October 26th and reach out to your friendly neighborhood sales rep or customer success manager for more information on integrating these two key pieces of your security program!