With Nexpose, you can assess your network for secure configurations at the same time as vulnerabilities, giving you a unified view of your risk and compliance posture. The latest version of Nexpose focuses on making it easier to understand how well you’re doing and the actions to take to improve overall compliance.
Starting with Nexpose 6.2.0, users now have access to two brand new policy reports that help you take control of your compliance program and focus on what is important.
The first report is the Policy Rule Breakdown Report, which provides a rule by rule breakdown of a policy for each asset. This allows you to understand which rules have passed and which have failed, giving you a high level view of how compliant each of your assets are and which rules to focus on.
The second report is the Top Compliance Remediations Report, which provides a prioritized list of remediations to help you drive your compliance program. This list is prioritized based on the actions that will have the greatest impact in improving overall compliance across all your assets.
By default, this report will show the Top 25 Remediations prioritized by Nexpose, but you can to change this to a number that meets your needs. In the sample report above, remediating all of the identified issues will increase overall compliance by 12% within the scope of the report. You’ll notice that in this example the top 25 issues are identified based on 671 rules across 10 assets, which is the scope of this particular report. All of this information is rule driven with a detailed breakdown of how remediating specific rules will impact your overall compliance score. As you work through the remediation efforts identified, you can expect to see these numbers get smaller and smaller.