Rapid7
Rapid7 develops innovative solutions for complex security challenges. Rapid7's solutions are used by many customers and organizations, including some of the largest financial institutions, healthcare providers, energy companies, communications providers and government agencies. Rapid7 is also involved in a broad security community, including open source projects, freely available software and various events. Rapid7 is an active member of the Cyber Threat Alliance (CTA) and the Open Cybersecurity Alliance (OCA).
Rapid7 InsightIDR
Rapid7 InsightIDR is a cloud-native Security Information and Event Management (SIEM) with integrated network traffic analysis and User and Entity Behavior Analytics (UEBA). The data is analyzed and checked by the global MDR SOC. InsightIDR supports the evaluation and analysis of attacks to detect malicious actor activity and reduce the number of false alerts and days of work for your security professionals. It looks for actions that indicate compromised credentials, detects lateral movement within your systems, detects malware and sets traps for intruders.
Security Information and Event Management (SIEM)
The leading next-generation cloud SIEM is at the heart of InsightIDR. With its native cloud data lake, diverse log collection capabilities, custom log analysis and flexible search and reporting capabilities, you can analyze even the most complex data and gain insights faster.
User and Entity Behavior Analytics (UEBA)
Attackers today generate countless high-quality malicious programs. They compromise IT systems by moving between them using credentials stolen through traffic interception, social engineering, hash extraction and other techniques. User and entity behavior analysis links activity across the network to specific users. InsightIDR therefore continuously creates a baseline of normal user activity. If a user is behaving unusually, you can quickly identify and investigate this.
Rapid7 InsightVM
Rapid7 InsightVM is the next evolution in vulnerability management. InsightVM uses the latest analytics and endpoint technologies to uncover vulnerabilities, pinpoint their location, prioritize them across your organization and prove that your risk has been reduced.
Live Threat Monitoring
InsightVM Live Monitoring and Adaptive Security provide vulnerability management with up-to-date data, accurate risk assessments and knowledge of what attackers are looking for, so you can act more directly and quickly. InsightVM collects up-to-date data and automatically checks it for changes and threats. This makes countermeasures a matter of minutes.
With InsightVM Adaptive Security, you can automatically detect and scan new devices as they enter your network and identify which devices have critical vulnerabilities as they become known.
Rapid7 Nexpose
Nexpose is the on-premise vulnerability management software from Rapid7. With Nexpose, you can scan your infrastructure and get a clear list of all potential vulnerabilities and risks. The report also shows you which measures you can take to eliminate the biggest and most important risks to your infrastructure. Nexpose also integrates with Rapid7 InsightIDR to combine contextual data about vulnerabilities and potential exploits with advanced user behavior analytics and intrusion detection.
Active Vulnerability Management
Nexpose Live Monitoring and Adaptive Security provide your vulnerability management with up-to-date new data, granular risk assessments and insights into what attackers are looking for, so you can respond to events immediately. Collect new data and automatically assess changes and security risks - making recovery a matter of minutes. At the same time, benefit from a live view of vulnerabilities as they occur. Nexpose Adaptive Security automatically detects and scans new devices as they connect to your network and identifies which devices have critical vulnerabilities as soon as they occur.
Analytics Thinking like an Attacker
Not all vulnerabilities are the same and they change with the unique aspects of your ever-changing infrastructure. New data, much more than a list of old scan alerts with CVSS scores, is needed to know which vulnerabilities are most dangerous to you. Nexpose bundles decades of accumulated knowledge about attackers in a proven analysis library. With up-to-date data, via agents or Adaptive Security, Nexpose Exposure Analytics detects changes as soon as they occur and automatically prioritizes them so you can respond confidently and quickly.
Rapid7 Metasploit
Metasploit is the most popular exploit framework with around 1000 exploits that can be used to exploit security vulnerabilities. Metasploit Pro is the professional, paid solution with the integration of various tools for automatic scanning and penetration, for cracking passwords and for social engineering attacks. Metasploit Framework is the open source command line version, which is freely available including source code.
Software for Realistic Attack Scenarios
Automatically find the right exploits for the right vulnerabilities - simply import your network components and Metasploit Pro will do the rest. Use antivirus evasion techniques and post-exploitation modules (just like real hackers) to work your way deeper into the network after a successful initial attack.
Your Benefit
- Cloud-native Security Information and Event Management
- Flexible search and reporting functions
- Integrated threat intelligence
- Fasted detection of attacks and security incidents
- Better understanding of risks
- More efficient vulnerability management
Our Service
We support you with the introduction of a cloud-based SIEM with Rapid7 InsightIDR. We advise you on the implementation of use cases. We help you implement effective vulnerability management with InsightVM and Nexpose. If necessary, we support you with troubleshooting.