Nexpose
Rapid7's on-premises vulnerability management scanner with Active Risk scoring, continuous asset discovery, and compliance benchmarking across network infrastructure and endpoints.
Developer
Rapid7
Technical Dossier
Nexpose is Rapid7's on-premises vulnerability management platform, first released in the mid-2000s and now serving as the scan-engine foundation for the InsightVM product line. It performs authenticated and unauthenticated network scans of servers, desktops, network devices, and web applications, and combines conventional CVSS-based severity with Rapid7's proprietary Active Risk score. Active Risk draws on live threat-intelligence sources, including Metasploit module availability, ExploitDB entries, AttackerKB researcher assessments, and EPSS exploitation-probability scores, to surface vulnerabilities with demonstrated or likely exploitability rather than high theoretical severity alone; a CVSS 9.8 finding with no known exploit can therefore rank below a CVSS 6.5 finding that has a Metasploit module.
The platform is built around a central Security Console (a web UI served over HTTPS on TCP 3780 by default, backed by an embedded PostgreSQL database) paired with one or more distributed Scan Engines that can be deployed across network segments or remote sites. The console aggregates scan data, drives reporting, manages remediation workflows, and exposes a RESTful API (v3, under /api/3, authenticated with the HTTP Basic credentials of a console user) for integration with SIEMs, ticketing systems (Jira, ServiceNow), and SOAR platforms. Scan coverage extends to OS-level configuration, compliance benchmarks (CIS, NIST, PCI DSS, HIPAA, DISA STIG, SCAP content), and basic web application surfaces; it is not a substitute for a dedicated web application scanner. Authenticated scans require stored credentials with administrative rights on the targets, so the console and its credential store are high-value assets that should be network-isolated and tightly access-controlled.
Rapid7 positions InsightVM, the cloud-connected SaaS/hybrid variant, as the strategic successor; Nexpose continues to receive vulnerability-content and security updates and remains the choice for air-gapped or strictly on-premises deployments, where content updates must be transferred to the console manually instead of being pulled from Rapid7's update servers. It installs on bare metal or virtual machines running 64-bit Linux or Windows Server, and scan engines are also available as Docker container images for deployment in segmented environments.
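As an added example (not Rapid7's code and not part of the original page), the following Python script pages through the v3 vulnerability listing described above and ranks findings by Active Risk rather than CVSS. The endpoint path and the response envelope (`resources` plus `page.totalPages`) follow the v3 API; the console URL, credentials, sample vulnerabilities and their scores are constructed for illustration, and the HTTP transport is injectable so the script runs offline against those samples.

```python
"""Rank Nexpose findings by Active Risk via the REST API v3 (added example)."""
import base64
import json
import ssl
import urllib.parse
import urllib.request

# Constructed sample: two pages of GET /api/3/vulnerabilities with invented
# values. "riskScore" is Active Risk (0-1000); "exploits" and "malwareKits"
# are the counts of known exploit modules and malware kits on the resource.
SAMPLE_PAGES = {
    0: {"resources": [
            {"id": "vuln-a", "title": "high CVSS, no known exploit",
             "cvss": {"v3": {"score": 9.8}}, "riskScore": 412.0,
             "exploits": 0, "malwareKits": 0},
            {"id": "vuln-b", "title": "medium CVSS, Metasploit module",
             "cvss": {"v3": {"score": 6.5}}, "riskScore": 887.0,
             "exploits": 2, "malwareKits": 0}],
        "page": {"number": 0, "size": 2, "totalPages": 2, "totalResources": 3}},
    1: {"resources": [
            {"id": "vuln-c", "title": "critical CVSS, malware kit",
             "cvss": {"v3": {"score": 9.1}}, "riskScore": 953.5,
             "exploits": 1, "malwareKits": 1}],
        "page": {"number": 1, "size": 2, "totalPages": 2, "totalResources": 3}},
}


def fake_fetch(url, headers):
    """Offline transport: serve the constructed page named in the query string."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    return SAMPLE_PAGES[int(query.get("page", ["0"])[0])]


def https_fetch(url, headers, ca_file=None):
    """Real transport. The default console certificate is self-signed: pass
    its CA/cert as ca_file rather than disabling verification."""
    ctx = ssl.create_default_context(cafile=ca_file)
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=30, context=ctx) as resp:
        return json.load(resp)


class NexposeClient:
    """Minimal v3 client: HTTP Basic auth plus page-walking of a collection."""

    def __init__(self, base_url, user, password, fetch=https_fetch):
        self.base_url = base_url.rstrip("/")
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        self.headers = {"Authorization": f"Basic {token}",
                        "Accept": "application/json"}
        self.fetch = fetch

    def iter_resources(self, path, size=500):
        """Yield every item of a paged v3 collection until page.totalPages."""
        page = 0
        while True:
            query = urllib.parse.urlencode({"page": page, "size": size})
            body = self.fetch(f"{self.base_url}{path}?{query}", self.headers)
            yield from body.get("resources", [])
            page += 1
            if page >= body["page"]["totalPages"]:
                return


def cvss_score(vuln):
    """Prefer CVSS v3, fall back to v2, and 0.0 when neither is present."""
    cvss = vuln.get("cvss", {})
    for version in ("v3", "v2"):
        if "score" in cvss.get(version, {}):
            return float(cvss[version]["score"])
    return 0.0


def prioritise(vulns, urgent_threshold=700.0):
    """Order by Active Risk and record where a CVSS-only order would differ."""
    by_risk = sorted(vulns, key=lambda v: v.get("riskScore", 0.0), reverse=True)
    by_cvss = sorted(vulns, key=cvss_score, reverse=True)
    return [{"id": v["id"], "risk": v.get("riskScore", 0.0),
             "cvss": cvss_score(v), "exploits": v.get("exploits", 0),
             "malware_kits": v.get("malwareKits", 0),
             "rank_by_risk": i, "rank_by_cvss": by_cvss.index(v) + 1,
             "urgent": v.get("riskScore", 0.0) >= urgent_threshold}
            for i, v in enumerate(by_risk, start=1)]


def main():
    # Constructed console URL and credentials; swap fetch=https_fetch for a real console.
    client = NexposeClient("https://console.example.internal:3780",
                           "nxadmin", "changeme", fetch=fake_fetch)
    for row in prioritise(list(client.iter_resources("/api/3/vulnerabilities"))):
        print(f"{row['id']:8} risk={row['risk']:6.1f} cvss={row['cvss']:3.1f} "
              f"exploits={row['exploits']} kits={row['malware_kits']} "
              f"rank risk/cvss={row['rank_by_risk']}/{row['rank_by_cvss']} "
              f"{'URGENT' if row['urgent'] else ''}")


if __name__ == "__main__":
    main()
```

Run as-is it prints the three constructed findings in Active Risk order, with vuln-c (exploit plus malware kit) first and the CVSS 9.8 vuln-a last; the `rank_by_cvss` column shows how far a CVSS-only queue would have diverged. The 700 threshold for "urgent" is an arbitrary cut-off chosen here, not a Rapid7 default; tune it to the organisation's remediation SLA.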
Active Risk Scoring
Proprietary 0-1000 risk scale that enriches CVSS with live threat intelligence from AttackerKB, Metasploit, ExploitDB, and EPSS, so that vulnerabilities with working exploits or observed exploitation rank above those that are merely severe on paper.
Continuous Asset Discovery
Discovery connections such as DHCP log monitoring and VMware vSphere detect new devices as they appear on the network and queue them for assessment, giving near-real-time visibility across on-premises and remote assets; a newly discovered asset is only assessed if a site (for example a dynamic site defined by asset filters) includes it.
Policy & Compliance Assessment
Built-in policy scanning benchmarks systems against CIS, NIST, PCI DSS, HIPAA, and DISA STIG baselines and imported SCAP content, with step-by-step remediation guidance for each failed check.
Distributed Scan Engines
Scan engines placed close to the assets they assess, for large, segmented, or geographically dispersed environments; the console talks to each engine over TLS (TCP 40814 on the engine by default), so only that port needs to be opened from the console to the engine, and engines keep no database of their own.
Distribution Model
Commercial
Licensed software with professional support and enterprise features.

Risk Scale
0-1000 Active Risk
Compliance
CIS, PCI, NIST, HIPAA
API
REST v3
License
Commercial