Rapid7 and Sourcefire Partnership Offers Customers More Effective Threat Analysis

Rapid7 and Sourcefire today announced a product integration which enables Sourcefire’s 3D System to integrate active vulnerability data from Rapid7’s active scanning solution, NeXpose Enterprise. The integration enables efficient prioritization of alerts and assessment of malicious intent, giving customers a more effective threat impact analysis, covering a wider range of vulnerabilities across more applications.

Through the integration, customers gain depth and breadth from active scanning, with always-on assessment from passive discovery and monitoring, resulting in more complete contextual end point and network data for more effective impact analysis.

Rapid7’s NeXpose identifies vulnerabilities across networks, operating systems, databases, Web applications and a wide-range of system platforms, and prioritizes vulnerabilities using exploit risk scoring and asset criticality ratings. Metasploit Pro emulates real-world attacks on the network in order to test for the ability to penetrate the vulnerabilities and launch an attack, decreasing the time to test and increasing the efficiency in real threat detection.

Sourcefire’s 3D System is an adaptive intrusion prevention solution which uniquely identifies and responds to changes in network infrastructure. With a detailed understanding of the devices, applications, and services deployed on the network, and their potential vulnerabilities, the 3D System escalates warnings of meaningful attacks, while suppressing unimportant and irrelevant events—allowing security analysts to focus their time and attention on the attacks that represent a real threat.

“For organizations with large, complex IT environments, reducing false positives and prioritizing risks can significantly improve the overall security and health of a network,” said Martin Roesch, CTO of Sourcefire. “By leveraging the integrated Sourcefire and Rapid7 solutions, customers benefit from a faster and more cost-effective way to assess the impact of an attack and improve overall security posture across more applications.”