Boston based Vulnerability management and penetration testing solution provider Rapid7, announced this week that its signature products, Metasploit Pro™ and Metasploit Express™, have achieved Common Vulnerabilities and Exposures (CVE) compliance. CVE associates unique identifiers to security vulnerabilities and exposures to provide common names for publicly known problems.
The Metasploit Framework is a widely used solution, and according to Rapid7, users have downloaded Metaspolit over one million times in the past year. The company also claims Metaspolit has the world’s largest, public database for quality assured exploits. The company released its Metasploit Pro product in October.
With Metasploit’s CVE compatibility, Metasploit reports can now be more easily cross-referenced with other tools, such as the NeXpose vulnerability scanner.
Rapid7 has enhanced the features of its leading software solutions with CVE to provide a reference method of information security vulnerabilities and exposures as defined by the National Cyber-Security Division of the United States Department of Homeland Security through the non-profit MITRE Corporation.
As organizations face increasing threats to complex and business-critical systems, the ability to simulate realistic attacks on their infrastructure in a Using tools such as MetaSploit, organizations can make informed decisions about which vulnerabilities should be addressed and penetration testers can meet federal, state and local standards for tracking and documenting these security risks with canonical and widely applied industry references.
Metasploit Pro, priced at $15,000 per user annually, provides unrestricted remote network access and enables teams to collaborate on network penetration testing projects. Metasploit Pro offers additional functionality over Metasploit Express, its lower end solution priced at $3,000 per user annually, with support for security testing of custom Web applications, managing client-side campaigns against end-users and additional evasion features.