The Nexpose Expert System

Using an Expert System for Deeper Vulnerability Scanning

Fill out the form below to download this technical paper

This paper explains how Rapid7 Nexpose uses an expert system to achieve better results in vulnerability scanning compared to traditional procedural methods. After a brief discussion of the product objectives and implementation, this paper explores the use of expert systems to achieve accurate and detailed vulnerability results.

This technical paper explains:

  • Key components of the Nexpose architecture and how they aid more efficient vulnerability scanning and reporting
  • How Nexpose makes use of the Java Expert System Shell (JESS) in its scanning engine
  • How using the Java Expert System Shell helps Nexpose find assets and vulnerabilities that other scanners cannot

This technical paper is relevant to security professionals interested in better techniques of finding vulnerabilities who have a solid understanding of networking principles and familiarity with the concepts related to hacking, vulnerabilities, and exploits.