- Rapid7 Insight platform is the first cloud-based platform to combine vulnerability management, user behaviour analytics-powered SIEM, IT log analytics, and application security data
- Evolved platform centralizes operational and security data from the network, endpoints, and the cloud to unify data, accelerate analysis, and reduce cost of ownership
- Rapid7 introduces two new solutions, on its platform: InsightVM, for live vulnerability and endpoint analytics, and InsightAppSec, for live web application security testing
London, UK. Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, today announced the evolution of the Rapid7 Insight platform with the availability of two new solutions: InsightVM, for vulnerability management, and InsightAppSec, for application securitytesting. Processing more than 50 billion events and monitoring millions of assets daily, the Insight platform is the first to unify solutions for vulnerability management, user behaviour analytics (UBA), SIEM, IT log analytics, and application security.
The cloud-based platform makes it possible for security and IT professionals to share data, research findings, and analytic-processing resources. The Rapid7 Insight platform significantly reduces the overall total cost of ownership inherent with on-premise, analytics-driven solutions, and automatically scales to meet the needs of users, helping to solve challenges presented by rapid data growth for both security and IT.
“Unnecessary complexity is at the heart of many issues security and IT teams face today. Rapid7’s cloud-based, analytics-driven platform evolved because security and IT professionals need intuitive solutions that quickly and easily provide answers to reduce risk,” said Lee Weiner, chief product officer at Rapid7. “By creating a platform that enables multiple applications to share data, research findings, and analytic processing, we’re improving our customers’ experience, surfacing answers faster, and reducing ownership cost.”
Rapid7’s Insight platform is built on nearly two decades of active research, a constantly expanding vulnerability and exploit database, Rapid7’s Metasploit, and learnings from thousands of penetration tests and the Company’s threat hunting team. This extensive, historical knowledge, combined with advanced analytics -including user behaviour and exposure analytics, deception technologies, threat modelling, intelligence feeds, and machine learning – is then applied to customer data from network scans, logs, and endpoints. The Rapid7 Insight platform transforms this user data into answers by delivering actionable guidance for vulnerability management, incident detection, application security, and IT optimization.
“How many of us want more security stuff to install and manage?” asked Eric Ogren, senior security analyst with 451 Research. “The concept of Rapid7’s Insight platform, making the entire product portfolio available as a cloud-based service, is an interesting approach that promises to remove much of the complexity involved in operating a state-of-the-art security program.”
The Rapid7 Insight platform uses the same lightweight agent and data collectors across all of its security and IT solutions to gather machine data across logs, endpoint agents, and other sources. This simplified approach to data collection allows users to leverage the same data, collected once, to solve multiple, distinct challenges:
- Vulnerability management teams have greater visibility to better understand the risk posed to their environment, and the most impactful remediations;
- Incident responders are able to detect and respond to incidents in real time;
- IT operations teams are able to drive productivity, maintain uptime, and quickly resolve potential issues; and
- Application security teams are able to investigate vulnerabilities earlier in the development lifecycle.
Introducing Rapid7 InsightVM: advanced vulnerability management analytics and reporting
InsightVM builds on Rapid7’s award-winning, vulnerability management solution, Nexpose, now fully leveraging the power of the cloud to provide live answers to security professionals’ most critical questions. InsightVM’s live monitoring gathers continuous data, whether via agents or agentless, to provide security professionals with increased visibility into the risk posed by their entire network footprint, including cloud, virtual, and endpoints.
“Rapid7’s vulnerability management solution is the only technology I’ve ever used that gives me a full, actionable view of my environment, all the way to the endpoint,” said Scott Cheney, manager of information security at Sierra View Medical Center. “With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.”
InsightVM is designed to provide a fully available, scalable, and efficient way to collect vulnerability data and minimize risk. InsightVM automatically evaluates changes in users’ networks the moment they happen, allowing security professionals to better understand and quickly manage the risk posed to their organization.
Additionally, InsightVM now includes:
- Rapid7 Insight Agent: This lightweight agent gives customers visibility all the way to the endpoint while prioritizing only the most important issues based on Rapid7’s high-fidelity RealRisk score.
- Remediation Workflow: Allows security professionals to build custom filters for remediation tasks, automatically assign issues to the right people, integrate with existing ticketing solutions, and monitor to completion.
- InsightVM Liveboards: Designed to show management teams their most critical risks, and provide the deep intelligence to improve productivity by taking the guesswork out of identifying security trends and priorities.
InsightVM is available now. For information on subscription pricing, please contact info@rapid7.com.
Coming soon, Rapid7 InsightAppSec: cloud-powered analysis for application security
InsightAppSec, currently in beta, is designed to provide security professionals with an unmatched ability to assess modern web applications, while keeping pace with the industry’s newest applications. Enabled by the Rapid7 Insight platform, InsightAppSec streamlines results to provide more comprehensive visibility, instantaneously. With a focus on ease of use, InsightAppSec will feature simpler scan creation, tuning, and scheduling.
The solution, which advances the capabilities of Rapid7’s AppSpider, will feature a sophisticated new workflow designed to provide more data and increased visibility into applications. InsightAppSec has a universal translator that automatically interprets the new technologies being used in today’s web and mobile applications.
For more information on entering the InsightAppSec beta, please contact info@rapid7.com.
The Power of Insight: Rapid7 InsightIDR and Rapid7 InsightOps
InsightIDR arms security professionals with the answers they need to quickly respond to and remediate security incidents. InsightIDR combines user behaviour analytics (UBA) with pre-built detections and intruder traps, enabling security professionals to better detect the top attack vectors behind breaches – compromised credentials, malware, and phishing – earlier in the attack chain and from endpoint to cloud.
The solution, which launched in February 2016, has added complimentary threat intelligence, developed through extensive attacker and systems research, industry collaboration, and insights from Rapid7’s managed detection and response (MDR) team. This intelligence improves and adds to existing advanced detection and enables incident responders to be more effective through meaningful alerts, tailored to their environment. In addition, InsightIDR now has enhanced endpoint threat detection to better identify remote code execution and protocol poisoning attacks, along with memory forensics for deeper investigative analysis.
Also built on the Rapid7 Insight platform, InsightOps – announced in November 2016 – gives IT professionals the ability to answer operational questions. Now available in open beta, InsightOps, takes a modern approach to log management and asset interrogation. The solution reduces time spent writing search queries with out-of-the-box visualizations and pre-defined questions that IT professionals can ask of their IT infrastructure for immediate answers.
For more information about Rapid7 solutions, please visit: https://www.rapid7.com/products/
About Rapid7
Rapid7 (NASDAQ: RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,200 organizations across more than 110 countries, including 38% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.
Cautionary Language Concerning Forward-Looking Statements
This press release includes forward-looking statements. All statements contained in this press release other than statements of historical facts, including, without limitation, statements regarding expectations, beliefs, features, benefits and general availability of InsightVM and InsightAppSec, technology integrations, as well as statements regarding plans and strategies for future operations, are forward-looking statements. The words “anticipate,” “believe,” “continue,” “estimate,” “expect,” “intend,” “may,” “will” and similar expressions are intended to identify forward-looking statements. We have based these forward-looking statements largely on our current expectations and projections about future events and financial trends that we believe may affect the performance of InsightVM and InsightAppSec, our financial condition, results of operations, business strategy, short-term and long-term business operations and objectives and financial needs. These forward-looking statements are subject to a number of risks and uncertainties, including, without limitation, risks related to our rapid growth and ability to sustain our revenue growth rate, the ability of our products and professional services to correctly detect vulnerabilities, competition in the markets in which we operate, market growth, our ability to innovate and manage our growth, our ability to integrate acquired operations, our ability to operate in compliance with applicable laws as well as other risks and uncertainties set forth in the “Risk Factors” section of our Annual Report on Form 10-K for the year ended December 31, 2016 filed with the Securities and Exchange Commission on March 9, 2017, and subsequent reports that we file with the Securities and Exchange Commission. Moreover, we operate in a very competitive and rapidly changing environment. New risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties and assumptions, we cannot guarantee future results, levels of activity, performance, achievements or events and circumstances reflected in the forward-looking statements will occur. We are under no duty to update any of these forward-looking statements after the date of this press release to conform these statements to actual results or revised expectations, except as required by law. You should, therefore, not rely on these forward-looking statements as representing our views as of any date subsequent to the date of this press release. Any future service, feature, objective or benefit that may be referenced in this release is for information purposes only and is not a commitment to deliver any service, feature, objective or benefit. Rapid7 reserves the right to modify or cancel future plans at any time.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.