2 min
Nexpose
Assessing risk using Security Intelligence
Robert Lemos wrote an interesting article
[http://www.darkreading.com/vulnerability/vulnerability-severity-scores-make-for-b/240157339]
about how CVSS alone does not necessarily give you enough information for
effective remediation prioritization. Adding context about which vulnerabilities
are being exploited easily using known exploits provides a much better way of
determining whether or not a given asset is at risk from a real attack. Quoting
the research completed by Luca Allodi and Fabio Ma
3 min
Nexpose
Introducing Nexpose 5.5 - CIS, USGCB 2, Enhanced Reporting, and Data Scalability
For those of you that don't know me, I head up the Nexpose engineering team, and
we are excited to introduce the latest release, Nexpose 5.5. This release
focuses on meeting three big needs that we've heard about from our customers.
The first is configuration assessment. This is a big deal for organizations that
are subject to regulatory or internal standards that require confirmation of
specific configurations of IT assets, such as USGCB 2.0. For those
organizations, proving compliance is pain