[nexpose-users] Exploit Exposure

[Richard Li]

Hi,

We just released a new version of NeXpose to all of our users that has a new feature we call Exploit Exposure (tm). Exploit Exposure will now give you exploit information about a particular vulnerability. Why is this important? NeXpose checks for a lot of vulnerabilities and most organizations have a lot of vulnerabilities that need to be prioritized - more vulnerabilities than they have time to correct.  Now, with Exploit Exposure, you will know which vulnerabilities have real exploits and you can fix those vulnerabilities first.

In addition, NeXpose uses the exploit ranking (http://www.metasploit.com/redmine/projects/framework/wiki/Exploit_Ranking) data from the Metasploit team to classify the skill level required for a given exploit. Since you can't predict the skill level of an attacker, we strongly recommend that you immediately remediate any vulnerability that has a live exploit, regardless of the skill level required for an exploit or the number of exploits available for a given vulnerability. At the same time, we wanted to give you the full information so you can make an informed decision.

So in other words, we can tell you, out of the box, what vulnerabilities you need to fix RIGHT NOW, without needing to check another data source.

Let me know what you think.

Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/nexpose-users/attachments/20100208/cbf9b739/attachment.html>