Re: Rapid7 NeXpose

[Clifford Collins <collinsc () FRANKLIN EDU>]

We've been using NeXpose for a few years with great success. The company has been responsive to suggestions for 
improving the product, they aggressively work issues when reported, and their external scanning capabilities work 
seamlessly with our internal scans. Their scan engine just looks like another one of ours from the console perspective. 

Oh, and we've never had problems with pushy sales reps either. 

Clifford A. Collins 
Information Security Officer 
Franklin University 
201 South Grant Avenue 
Columbus, Ohio 43215 
"Security is a process, not a product" 

----- Original Message ----- 
From: "Heather Axworthy" <haxworthy () UMASSP EDU> 
To: SECURITY () LISTSERV EDUCAUSE EDU 
Sent: Tuesday, June 23, 2009 2:24:08 PM GMT -05:00 US/Canada Eastern 
Subject: [SECURITY] Rapid7 NeXpose 




Hi all, 



We are in the middle of evaluating vulnerability scanning tools. I recently had a demo of Rapid7’s NeXpose tool. Just 
curious if there are any other institutions that currently use it and if it met your scanning needs. We are looking at 
their SaaS model for external scanning. 



We are also in the middle of evaluating Qualys and was also wondering if anyone out there did a comparison between the 
two products. 



Again, any information would be greatly appreciated. 



Please feel free to reply off list. 



Thanks, 

Heather 





umass:: Heather Axworthy , Lead Security Specialist 
:: University Information Technology Services (UITS) 
:: University of Massachusetts President's Office 
:: 774.455.7762 Phone 

:: 774.455.7733 Fax 
:: haxworthy () umassp edu 

University of Massachusetts : 333 South St. : Suite 400 : Shrewsbury, MA 01545 : www.massachusetts.edu