While today’s malicious attackers pursue a variety of goals, they share a preferred channel of attack—the millions of custom web, mobile, and cloud applications companies deploy to serve their customers. AppSpider dynamically assesses these applications for vulnerabilities across all modern technologies, provides tools that speed remediation and monitors applications for changes. Keep your applications safe and secure—now and moving forward. KNOW YOUR WEAK POINTS AppSpider automatically finds vulnerabilities across a wide range of applications— from the relatively simple to the most complex—and it includes unique capabilities and integrations that enable teams to automate more of the security testing program across the entire software development lifecycle (SDLC), from creation through production. Coverage is the first step to scanner accuracy. Scanners were originally built with a crawl and attack architecture, but crawling doesn’t work for web services and other dynamic technologies. AppSpider can still crawl traditional name=value pair formats like HTML, but it also has a Universal Translator that can interpret the new technologies being used in today’s web and mobile applications (AJAX, GWT, REST, JSON, etc.). With AppSpider, you can: • Close the coverage gap with our Universal Translator • Intelligently simulate real-world attacks • Continuously monitor your applications • Stay authenticated for deep assessment AppSpider includes interactive actionable reports that prioritize the highest risk and streamline remediation efforts by enabling users to quickly get to and analyze the data that matters most. With one click, you can drill deep into a vulnerability to get more information and replay attacks in real-time. Sifting through pages and pages of vulnerabilities in a PDF report takes too much time. AppSpider provides interactive, actionable reports that behave like web pages with an intuitive organization and links for deeper analysis. The analysis doesn’t have to be tedious: Findings are organized and consolidated by attack types (XSS, SQLi, etc.), and with one click, you can drill deep into a vulnerability to get more information. AppSpider’s sophisticated reports reduce remediation time and streamline communication with developers. With AppSpider, you can: • Conduct deeper analysis with interactive reports • Quickly replay web attacks • Categorize applications for easy reporting In order to improve your overall security posture, you need a high-level view of your application security program that enables you to see where things stand. AppSpider enables centralized control, automation, and interoperability over all aspects of your enterprise web application security program, including continuous scanning configuration, user permissions, scheduling, and monitoring. In addition, AppSpider includes trends and analyze data to help collaborate with all stakeholders toward improved security posture. Time is critical when remediating vulnerabilities. Using innovative automated rule generation, AppSpider’s defensive capabilities help security professionals patch web application vulnerabilities almost immediately—in a matter of minutes, instead of days or weeks. Without the need to build a custom rule for a web application firewall (WAF) or intrusion prevention system (IPS), or the need to deliver a source code patch, our software allows you the time to identify the root cause of the problem and fix it in the code. With AppSpider, you can: • Manage and control application security programs • Automate targeted virtual patching • Meet compliance requirements • Integrate into your DevSecOps workflow
Identify application risks quickly and painlessly
With InsightAppSec, there’s no installation of on-premise components required—just log in and start scanning. The intuitive workflows make it easy for you to test your applications without the steep learning curve. Simple doesn’t mean less powerful though—scans in InsightAppSec can be configured to meet your testing needs and ensure comprehensive coverage of your applications. Scan coverage in modern applications and APIs can be a problem for some DAST tools, but InsightAppSec’s scan engine has been developed with these challenges in mind and proven to overcome them.
You’ll not only save time thanks to the easy-to-learn interface, you’ll also avoid the time-consuming training that other DAST tools require in order to get good coverage of your applications. Although InsightAppSec lives in the cloud, it can also scan your internal apps (like pre-production instances), with a scan engine deployed on premise. All your results are stored in the cloud, so that you have a single view of all your application vulnerabilities.
With InsightAppSec, you can:
Get up and running in minutes
Crawl and attack your modern applications and APIs
Scan external and internal applications
Manage your app portfolio at a glance
Web applications these days are rarely monolithic. They have complex multi-component architectures (like decoupled front ends that interface with micro-services that transact with the backend), as well as multiple instances (like development, pre-production, and production). InsightAppSec provides the flexibility to configure scans to optimize coverage and testing for each individual aspect of an application, whether it’s an API or a Single Page Application (SPA) front end.
Even though the components may be completely different technologies, to your organization they are still considered parts of the same application, which is why InsightAppSec is designed to group scan targets into application portfolios. All scans for an application, its components, and instances appear in a single application portfolio view, making scan management simple. The Live Vulnerability View provides a single, concise view of scan results for an application portfolio and displays an always up-to-date listing of vulnerabilities detected in your app portfolios. With rich historical information provided for each vulnerability, you’ll have the context to make critical prioritization decisions.
With InsightAppSec, you can:
Group scan targets into application portfolios
View all vulnerabilities across multiple scans and scan targets in a single view
Use Live Vulnerability View to quickly filter down results and dynamically assign status and severity to reflect your priorities
Share actionable insights resulting in the right fix
Exposing application security vulnerabilities is a vital step towards reducing your application security risk. Managing that risk also requires keeping various stakeholders informed and arming your development teams with the actionable information they need to fix vulnerabilities. InsightAppSec provides detailed technical information on each identified vulnerability along with recommendations to remediate it. Reports can be custom-tailored for the audience, whether it be executive stakeholders who need an at-a-glance overview of application security risk, or developers who need technical details to remediate. The Attack Replay feature also empowers developers to confirm vulnerabilities on their own. Static reports aren’t always enough to prove to development that a vulnerability exists; Attack Replay makes it possible for developers to reproduce the issue on their own, and after a fix is implemented, test it immediately.
With InsightAppSec, you can:
Take action by leveraging detailed explanations of vulnerabilities, with technical details and remediation recommendations
Generate tailored reports of vulnerabilities for various business stakeholders
Empower developers with Attack Replay so they can confirm vulnerabilities on their own and test their fixes immediately
The Rapid7 Insight cloud equips you with the visibility, analytics, and automation you need to unite your teams and work faster (and smarter). Security, IT, and Development now have one-click access to vulnerability management, cloud application security, incident detection and response, automation, and more.
With the Rapid7 Insight cloud, you can:
Unify Data Collection
Collect data once from across your IT environment, enabling your Security, IT, and DevOps teams to collaborate effectively as they analyze shared data.
Scale with Ease
Expanding your use of the Insight cloud to include multiple solutions is easy. Once your data collectors are installed, launching new Insight products is just a few clicks away.
Integrate Seamlessly
Get faster analysis, prioritization, and remediation, with your existing tools. The Insight cloud integrates with your existing technology stack, acting as a force multiplier to already-deployed solutions.
The core of the Rapid7 Insight cloud:
InsightVM gives you live vulnerability management and endpoint analytics to view real-time risk.
InsightAppSec stays in step with your application development to easily introduce security throughout your SDLC.
InsightIDR unifies UBA, SIEM, and EDR technology so you can prioritize your response efforts.
InsightConnect unites your technology stack through custom workflows to accelerate security and IT processes.
Rapid7 Services act as an extension of your team to help you reduce risk and detect and respond to attacks.
InsightConnect is a security orchestration and automation solution that enables your team to accelerate and streamline time-intensive processes—no code necessary. With 200+ plugins to connect your tools and easily customizable connect-and-go workflows, you’ll free up your team to tackle other challenges, while still leveraging their expertise when it’s most critical.
Here’s how it works: • Connect your existing tools • Build automated workflows • Set up decision points • Improve operational efficiency
With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.
Features For High-Velocity Security Operations
Integrated and Extensible
Connect your existing tools with our library of 200+ plugins, or create your own plugin with our software developer’s kit (SDK).
Human Insight When Needed
Configure human decision points within your workflows to allow for detailed analysis from your team.
Audit Trails at Your Fingertips
Codified processes enable you to have a comprehensive record of your workflows and executions all in one central location.
Powerful Automation
With workflows, you can select a trigger source, configure actions, and automate processes without a single line of code.
Benchmarks for Your Team
Realize the value of automation by tracking productivity gains, workflow executions, decisions made, and more.
Continuous Access
Since InsightConnect is hosted on the Rapid7 Insight platform, you’ll be able to access and update your workflows anytime, anywhere.
Community Support
Don’t reinvent the wheel when you can use shared plugins and workflows from our community of industry pros.
Rapid7’s InsightIDR is your security center for incident detection and response, authentication monitoring, and endpoint visibility. InsightIDR identifies unauthorized access from external and internal threats, and highlights suspicious activity so you don’t have to weed through thousands of data streams.
InsightIDR combines the full power of endpoint forensics, log search, and sophisticated dashboards into a single solution. It is a Software as a Service (SaaS) tool that collects data from your existing network security tools, authentication logs, and endpoint devices. InsightIDR then aggregates the data at an on-premises Collector or a dedicated host machine that centralizes your data.
Use this Collector to gather and transmit your logs securely to AWS, which hosts customer databases and the web interface. Rapid7 runs analytics on this data to correlate users, accounts, authentications, alerts, and privileges. The analysis provides insight into user behavior while searching for known indicators of compromise.
Rapid7 recommends keeping dedicated Collectors on-premises to collect event data, log data, and endpoint data.
When you connect all of the various data streams to InsightIDR, you can take advantage of all the following built-in features made with users in mind:
Unify your data into a single security view
Analyze raw logs, endpoint data, and network traffic
Receive alerts for suspicious activity
Prioritize events
Investigate events
Unify your data into a single security view
Track user network resources, their devices, and their visited cloud services. InsightIDR normalizes network data and attributes it to users, so you know the origin, owner, and time of event.
Analyze raw logs, endpoint data, and network traffic
InsightIDR collects data streams from every possible place, and brings them together in one convenient place for you to analyze. Sift through raw logs, visualize your endpoint data, or organize your network traffic from users.
Receive alerts for suspicious activity
Whether or not suspicious activity is happening on your network, InsightIDR sets up traps that alert you of security gaps.
Prioritize events
Because traffic and data is normalized, InsightIDR automatically prioritizes network events and brings notable events to your attention. InsightIDR filters out non-critical events so you focus on the important ones.
Investigate events
In the event of a breach, security teams will have contextual information of compromised data, time of event, and possible next actions of the intruder.
InsightVM provides a fully available, scalable, and efficient way to collect your vulnerability data, turn it into answers, and minimize risk. InsightVM leverages the latest analytics and endpoint technology to discover vulnerabilities in a real-time view, pinpoint their location, prioritize them for your business, facilitate collaboration with other teams, and confirm your exposure has been reduced
Secure Your Modern Network
Adapt to your modern network with full visibility of your ecosystem, prioritization of risk using attacker-based analytics, and SecOps-powered remediation. Pair that with unparalleled, ongoing research of the attacker mindset, and you’ll be ready to act before impact.
Collect Data Across Your Ecosystem
• Continuous Endpoint Monitoring Using the Insight Agent
The Rapid7 Insight Agent automatically collects data from all your endpoints, even those from remote workers and sensitive assets that cannot be actively scanned, or that rarely join the corporate network. Pair InsightVM with Rapid7 InsightIDR to get a complete picture of the risks posed by your endpoints and their users.
• Liveboards, Not Static Dashboards
Drawing from fresh vulnerability data, InsightVM Liveboards are live and interactive by nature. You can easily create custom, tailored cards and full dashboards for anyone—from sysadmins to CISOs—and query each card with simple language to track progress of your security program. Visualize, prioritize, assign, and fix your exposures more easily than ever before.
• Cloud, Virtual, and Container Assessment
InsightVM integrates with cloud services, virtual infrastructure, and container repositories like Amazon Web Services, Microsoft Azure, and VMware to make sure you don’t miss any new instances and Docker containers that are brought online. You can also correlate deployed containers to assets, so you can secure both containers and container hosts—all at no additional cost. Prioritize Using Attacker Analytics
• Attacker-Based Risk Analysis
Prioritize risk the way attackers would. InsightVM translates decades of attacker knowledge into proven analytics. The granular, 1-1000 Real Risk score takes into account CVSS scores, malware exposure, exploit exposure and ease of use, and vulnerability age. This makes it simpler—and more precise than CVSS alone—to prioritize vulnerabilities for remediation. Rapid7 Project Sonar data and threat feeds translate to dashboards within InsightVM, so you can understand which external network doors you’re missing and which vulnerabilities attackers are actively exploiting.
• Live Remediation Planning
Once the most critical vulnerabilities are brought to the surface, assign and track remediation duties in real time with Remediation Workflows. InsightVM integrates with IT ticketing solutions like Atlassian Jira and ServiceNow, making it easy for IT to take action. InsightVM also integrates with Rapid7 InsightConnect, our security orchestration and automation platform, to bring automation and prioritization to the patching process.
Remediate with SecOps Agility
To move faster and more securely, you need to go beyond scanning in silos. InsightVM is built to enable collaboration with IT operations and developers through shared visibility, analytics, and automation. What does this look like in practice? InsightVM integrates with IT’s existing workflows and ticketing systems to provide remediation instructions with context, thus accelerating remediation, and provides actionable reporting on program progress for every audience—from IT and compliance to the C-Suite. On the development side of the house, InsightVM lets you assess containers to ensure services are secure before they go into production, and the Rapid7 Insight Agent helps infrastructure teams automatically assess new cloud infrastructure as soon as it goes live.
Know Your Weak Points
It’s vital to find your vulnerabilities before a malicious attacker does.
Utilize world's largest exploit database
Leading the Metasploit project gives Rapid7 unique insights into the latest attacker methods and mindset. Rapid7 works with the community to add an average of 1 new exploit per day, currently counting more than 1,300 exploits and more than 2,000 modules.
Simulate real-world attacks against your defenses
Metasploit evades leading anti-virus solutions 90% of the time and enables you to completely take over a machine you have compromised from over 200 modules. Pivot throughout your network to find out just how far an attacker can get.
Uncover weak and reused credentials
Test your network for weak and reused passwords. Going beyond just cracking operating system accounts, Metasploit Pro can run brute–force attacks against over 20 account types, including databases, web servers, and remote administration solutions. In addition, it can utilize specialized tools designed to expose credentials' scope and effectively gauge impact of an exposed credential.
Prioritize What Matters Most
Finding your weak points is only half the battle. As a penetration tester, it is your job to perform a thorough assessment and communicate what needs to be done to reduce the risk of a breach.
Pinpoint weak links in the attack chain
Attacks are more sophisticated today; the adversary is using multiple techniques combined to breach your systems faster than ever. With Metasploit Pro, you can simulate attacks like the adversary and easily report the biggest security risks.
Closed-loop integration with Nexpose for remediation
When other departments question the validity of scan results, demonstrate that a vulnerability puts systems and data at risk of compromise. You'll get quick buy–in for remediation measures and build credibility with stakeholders. Metasploit and Nexpose provide the only closed-loop validation solution from a single vendor that simplifies vulnerability prioritization and remediation reporting.
Drive Better Security Program Development
Time is of the essence. Automation, proactive user education, and advanced reporting will enhance your team’s efficiency, productivity, and success.
Run penetration projects at scale
Conducting an assessment and managing data in networks with over 100 hosts can be challenging. Metasploit Pro scales to support thousands of hosts per project on engagements and multiple penetration testers. Automate penetration testing steps with Task Chains and MetaModules to improve productivity.
Reduce user risk using phishing campaigns and education
Send and track emails to thousands of users with Metasploit Pro's scalable phishing campaigns. Clone web application login pages with one click to harvest credentials. Measure conversion rates at each step in the phishing campaign funnel. When users take a dangerous action, they can be redirected to a training site on the spot. With InsightUBA, any users who have been phished will also be automatically added to the InsightUBA watch list.
Complete compliance programs faster
Generate reports to show your findings and sort them by regulations such as PCI DSS and FISMA. Verify that remediations or compensating controls implemented to protect systems are operational and effective. Create vulnerability exceptions based on hard evidence that easily pass your next audit. Automatically record actions and findings from your network and application–layer assessment to save valuable time otherwise spent on cutting and pasting.
Data breaches are growing at an alarming rate. Your attack surface is constantly changing, the adversary is becoming more nimble than your security teams, and your board wants to know what you are doing about it. Nexpose gives you the confidence you need to understand your attack surface, focus on what matters, and create better security outcomes.
You can’t reduce risk if you can’t find, validate, and contextualize it. Nexpose dynamically discovers your complete attack surface and finds vulnerabilities you are missing today. Understand your threat exposure by determining if your vulnerabilities can be exploited and if your compensating controls are deployed successfully. Contextualize the risks to get a true picture of them as they align to your modern digital business.
The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks and problems. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.
