Case Study: PNM Resources achieves rapid vulnerability detection and remediation with Rapid7 Nexpose

Leveraging Dynamic Asset Groups in Rapid7 Nexpose

PNM Resources, an energy company, relied on Rapid7 Nexpose for vulnerability management. Security analyst Bruce needed to quickly identify how many servers and systems were affected by Heartbleed (CVE-2014-0160) and other OpenSSL issues without manually checking each machine — a manual check of 300 Linux servers would have taken at least four days.

By using Nexpose’s Dynamic Asset Groups with authenticated scans, Bruce could find vulnerable assets by CVE in minutes instead of days, giving clear visibility into remediation progress and a prioritized roadmap for patching. This approach saved significant time, increased team productivity, and extended to tracking third-party patches and other threats (e.g., Shellshock, POODLE), reducing overall risk.

PNM Resources

Bruce

Security Analyst