Rapid7 Takes Penetration Testing Mainstream With Metasploit Express

BOSTON, MA, October 14, 2010 (Press-News.org) Rapid7 , the leading provider of unified vulnerability management, compliance and penetration testing solutions, today introduced Metasploit Express , a comprehensive penetration testing solution built on the acclaimed open source Metasploit Framework. Metasploit Express is the first to bring affordable, comprehensive and easier-to-use penetration testing to organizations with limited time and budgets, empowering businesses to implement greater proactive security strategies and match the speed of advancing security threats.

Today's rapidly evolving security threat landscape is placing unprecedented demands on security organizations. Current commercial penetration testing options are costly and complex, and struggle to adapt to the dynamics of these evolving threats. Metasploit Express harnesses the power of open source and collaborative development to deliver a solution that evolves as quickly as the security threats organizations need to defend against. Metasploit Express is designed specifically for penetration testers and security professionals that require the ability to quickly determine real risks to data and infrastructure.

"When it comes to security, organizations need to stay nimble and react quickly to new vulnerabilities and exploits. Open and collaboratively-developed penetration testing solutions provide the best option for keeping pace with the speed of emerging threats," said Mike Tuchen, president and CEO of Rapid7. "Building off the Metasploit Framework, Metasploit Express can continue to evolve and remain innovative, with a price point and ease of use that is accessible for security professionals and organizations of all sizes."

Leveraging the Metasploit Framework, which remains open source and will also be greatly enhanced with the release of version 3.4 next month, Metasploit Express delivers a number of key features that streamline and facilitate the penetration testing process, including:

Comprehensive penetration testing capabilities
Based on the world's largest tested and integrated public database of exploits and payloads, Metasploit Express not only runs exploits but also detects and tests insecure configurations, such as weak passwords. Unlike other existing penetration testing solutions, Metasploit Express enables penetration testers to illuminate trust relationships between systems for a more accurate risk profile. In addition to testing standard PCs and servers, the product is able to compromise a wide range of network devices and offers data collection and automation capabilities for these devices.