Educause Security Discussion mailing list archives

Re: Rapid7 NeXpose


From: "Ferris, Joe" <jferris () ADMIN FSU EDU>
Date: Thu, 25 Jun 2009 13:44:30 -0400

No kidding Joel, glad to be in the Southeast.  I have never had the
over-aggressive sales call but then again we have been using NeXpose for
about three years now.  Our experiences with Rapid7 have been positive,
we can always reach a live person and they were more than willing to
work with us on any issue or suggestions we have.  We have been working
with their company to enhance NeXpose (some other .edu's do this also)
and many of our suggestions have been included in their product
upgrades.  We have a fairly large deployment of their solution and it
continues to grow each week.

One of the keys for success here is that we do not normally have any
issues with false positives.  This has built up credibility for our
program over time and we fight less about if a found vulnerability is
really there or not.

The delegation of roles, responsibility and access has been another key
to our deployment.  With our incredibly decentralized environment it
would be impossible for us to administer and remediate all devices
ourselves so we work with the Sysadmins on campus to distribute the
workload.  This also allows our relatively small security team to
oversee the project and campus vulnerabilities at a higher level and the
ability to dig into details as needed.  We still work with the local
technical support but the day-to-day remediation is taken care of by the
department.  Scans are scheduled, access is delegated, email results and
reports are sent... when implemented properly it can be a real asset for
your team and university.

I have not used the Rapid7 hosted scanning solution because we have
always run this internally.  I have never used Qualys so I cannot
compare and contrast this time around.  If you have any other questions
please let me know.

Regards,

Joe Ferris
FSU IT Security Team


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel Rosenblatt
Sent: Thursday, June 25, 2009 10:37 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Rapid7 NeXpose

Wow .. I guess I'm lucky to be living in the east :-)

Joel

--On Thursday, June 25, 2009 8:38 AM -0500 Dick Jacobson
<Dick.Jacobson () NDUS NODAK EDU> wrote:

On Wed, 24 Jun 2009, Joel Rosenblatt wrote:

... and in the middle of the country.  Their rep would not schedule a
web demo until I gave her the name, address and phone number of the
person with final approval AND the person that would sign the check.

The product looked ok but after the sales experience I had a hard
time viewing the company with an open mind.


Apparently, that depends on which coast you're on .. the west coast
sales people are much more aggressive - at least according to our east
coast representatives :-)

Joel

--On Wednesday, June 24, 2009 3:28 PM -0500 Curt Wilson
<curtw () SIU EDU>
wrote:

Watch out for the aggressive sales team though, they push too hard.


Joel Rosenblatt wrote:
Hi,

We own their product and use it internally - we have never used their
external service.

We are happy with this product and find it very useful.

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Tuesday, June 23, 2009 2:24 PM -0400 "Axworthy, Heather"
<haxworthy () UMASSP EDU> wrote:

Hi all,

We are in the middle of evaluating vulnerability scanning tools.  I
recently had a demo of Rapid7's NeXpose tool.  Just curious if there are
any other institutions that currently use it and if it met your scanning
needs.  We are looking at their SaaS model for external scanning.

We are also in the middle of evaluating Qualys and were also wondering if
anyone out there did a comparison between the two products.

Again, any information would be greatly appreciated.

Please feel free to reply off list.

Thanks,

Heather





:: Heather Axworthy, Lead Security Specialist
:: University Information Technology Services (UITS)
:: University of Massachusetts President's Office
:: 774.455.7762 Phone
:: 774.455.7733 Fax
:: haxworthy () umassp edu

University of Massachusetts : 333 South St. : Suite 400 :
Shrewsbury, MA 01545 : www.massachusetts.edu











--
Curt Wilson
SIUC IT Security Officer & Security Engineer









-----------------------------------------------------------------------
Dick Jacobson               e-mail : Dick.Jacobson () ndus NoDak edu
NDUS IT Security Officer    office : STTC 219
                            phone  : 701-231-6280 <NEW phone number>
-----------------------------------------------------------------------




