Aberdeen Group Research Validates Need for Rapid7's Network, Database and Web Scanning Capabilities, Confirms Impressive Return on Investment in Vulnerability Management.Rapid7's NeXpose Typifies the Technology and Practices Aberdeen Recommends for Proactively Managing Vulnerabilities and Achieving High Performance BOSTON -- Rapid7 LLC (Logical Link Control) See "LANs" under data link protocol. LLC - Logical Link Control , provider of NeXpose, the leading Unified Vulnerability Management solution, is offering its customers, partners, and other organizations a new research report developed by Aberdeen Group Aberdeen Group is a provider of business-related research services. It has its headquarters in Boston, Massachusetts and belongs to the Harte-Hanks group. Founded in 1988, Aberdeen's research is used by over 2. that validates vulnerability management (VM) as an essential function for top performance and recommends proactively performing VM for higher efficiency and lower total cost. The research reveals that companies employing "best-in-class" technology and practices to address vulnerabilities reap a 91% return on investment within 11 months. The report by Aberdeen, a Harte-Hanks Company (NYSE NYSE See: New York Stock Exchange :HHS HHS Department of Health and Human Services. ), is titled "Vulnerability Management: Assess, Prioritize, Remediate, Repeat" and describes VM as a necessary function for just about every organization, of any size, with business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets that involve Internet-facing networks, computers and application software. VM is also a never-ending process and the vulnerability management lifecycle -- assess, prioritize, and remediate -- must be repeated on a regular basis to manage risk within acceptable limits. The Aberdeen report also details what Rapid7 customers and NeXpose users already attest -- what typifies the "best-in-class" technology and practices for accomplishing VM. Because VM tasks are complex, repetitive and time-consuming, automating them and deploying enabling technologies produces savings in the costs created by new vulnerabilities and reduces the total cost of VM, freeing up resources to invest in more strategic IT initiatives. Aberdeen's research shows that higher frequency of vulnerability assessments is strongly correlated with top performance: companies identified as "best-in-class" find about 10% more vulnerabilities than the industry average, and faster response times for remediation reduces their window of exposure. "Aberdeen's report substantiates that companies need to identify, prioritize and remediate threats and vulnerabilities and to do so on a continuous basis, employing strategic actions and organizational capabilities as well as enabling technologies such as vulnerability assessment, penetration testing and risk analysis," said Alan Matthews, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Rapid7 LLC. "Our customers know that with the increasing volume, variety and sophistication so·phis·ti·cate v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates v.tr. 1. To cause to become less natural, especially to make less naive and more worldly. 2. of vulnerabilities, failure to implement preventative measures will dramatically impact the security of their IT infrastructure and their ability to meet compliance requirements Compliance requirements are a series of directives established by United States Federal government agencies that summarize hundreds of Federal laws and regulations applicable to Federal assistance (also known as Federal aid or Federal funds). . Our customers have provided unwavering proof that Rapid7's NeXpose gives them the breadth and depth of coverage to locate and manage vulnerabilities easily and successfully without consuming undue time and money." "The number of new threats and vulnerabilities that surface every week means that managing vulnerabilities simply has to be done, and the top performers in this study are doing it more effectively and at a lower cost," said Derek Brink, vice president and research fellow for IT Security, Aberdeen. "As part of their strategies, Aberdeen has noted a trend, particularly among Best-in-Class organizations, towards selecting solutions that are both deeper in terms of functionality and broader in terms of the categories of threats and vulnerabilities managed." Rapid7's NeXpose is the broadest and deepest VM system, as it comprehensively scans Web applications, databases, operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. and networks to locate threats, assesses their risk to the environment, devises a remediation plan and implements the ticketing process. NeXpose discovers the vulnerabilities that hackers most exploit and other products fail to detect by using an expert system to chain together individual external vulnerabilities to reveal potentially hidden vulnerabilities at deeper levels of the systems. Aberdeen's research confirms that the best results are achieved by making VM as efficient and cost-effective as possible: companies with top performance estimate an impressive 91% marginal return on investment based on a comparison of total vulnerability-related costs avoided with the total cost of their vulnerability management activities. Best-in-class companies estimate their payback period Payback Period The length of time required to recover the cost of an investment. Calculated as: at less than 11 months. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Aberdeen's report, efficiency is gained by automating and streamlining the steps in the VM lifecycle; specifically, identifying and tracking only those vulnerabilities and threats that are relevant to the organization's IT assets, prioritizing vulnerabilities based on the level of risk and the business value of the IT assets in question, and automating remediation and applying compensating controls where patches or updates are not available. A complimentary copy of the report is made available in part by Rapid7. To obtain a complimentary copy of the report, visit: http://www.aberdeen.com/link/sponsor.asp?spid=30411329&cid=5231 About Rapid7 Rapid7 is the leading provider of NeXpose Unified Vulnerability Management (UVM UVM University of Vermont UVM Universidad del Valle de México UVM Universitas Viridis Montis (University of the Green Mountains aka University of Vermont) UVM Universal Voice Module (Cisco) ) Solutions. First introduced in 2001, Rapid7's NeXpose offers the broadest, deepest and most accurate vulnerability scanning and ensures compliance with governmental regulations and corporate security policies through its extensive reporting capabilities, including customizable policy compliance templates. Rapid7 is certified as an Approved Scanning Vendor (ASV ASV abbr. Bible American Standard Version ASV n abbr (= American Standard Version) → traduction de la Bible ASV n abbr (Bible) (= ) by the PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). Security Standards Council. Rapid7 is headquartered in Boston, MA, with an office in Los Angeles, California. For more information on Rapid7 and NeXpose, visit http://www.rapid7.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion