Application Security
4/12/2017
01:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rapid7 Defines Next-Generation Analytics Platform for Security and IT Professionals

New virtual machine vulnerability management and beta for cloud-powered app security testing

  • Rapid7 Insight platform is the first cloud-based platform to combine vulnerability management, user behavior analytics-powered SIEM, IT log analytics, and application security data
  • Evolved platform centralizes operational and security data from the network, endpoints, and the cloud to unify data, accelerate analysis, and reduce cost of ownership
  • Rapid7 introduces two new solutions, on its platform: InsightVM, for live vulnerability and endpoint analytics, and InsightAppSec, for live web application security testing

 

Boston, MA – April 11, 2017 Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, today announced the evolution of the Rapid7 Insight platform with the availability of two new solutions: InsightVM, for vulnerability management, and InsightAppSec, for application security testing. Processing more than 50 billion events and monitoring millions of assets daily, the Insight platform is the first to unify solutions for vulnerability management, user behavior analytics (UBA), SIEM, IT log analytics, and application security.

The cloud-based platform makes it possible for security and IT professionals to share data, research findings, and analytic-processing resources. The Rapid7 Insight platform significantly reduces the overall total cost of ownership inherent with on-premise, analytics-driven solutions, and automatically scales to meet the needs of users, helping to solve challenges presented by rapid data growth for both security and IT.

“Unnecessary complexity is at the heart of many issues security and IT teams face today. Rapid7’s cloud-based, analytics-driven platform evolved because security and IT professionals need intuitive solutions that quickly and easily provide answers to reduce risk,” said Lee Weiner, chief product officer at Rapid7. “By creating a platform that enables multiple applications to share data, research findings, and analytic processing, we’re improving our customers’ experience, surfacing answers faster, and reducing ownership cost.”

Rapid7’s Insight platform is built on nearly two decades of active research, a constantly expanding vulnerability and exploit database, Rapid7’s Metasploit, and learnings from thousands of penetration tests and the Company’s threat hunting team. This extensive, historical knowledge, combined with advanced analytics - including user behavior and exposure analytics, deception technologies, threat modeling, intelligence feeds, and machine learning - is then applied to customer data from network scans, logs, and endpoints. The Rapid7 Insight platform transforms this user data into answers by delivering actionable guidance for vulnerability management, incident detection, application security, and IT optimization.

“How many of us want more security stuff to install and manage?” asked Eric Ogren, senior security analyst with 451 Research. “The concept of Rapid7’s Insight platform, making the entire product portfolio available as a cloud-based service, is an interesting approach that promises to remove much of the complexity involved in operating a state-of-the-art security program.”

The Rapid7 Insight platform uses the same lightweight agent and data collectors across all of its security and IT solutions to gather machine data across logs, endpoint agents, and other sources. This simplified approach to data collection allows users to leverage the same data, collected once, to solve multiple, distinct challenges:

  • Vulnerability management teams have greater visibility to better understand the risk posed to their environment, and the most impactful remediations;
  • Incident responders are able to detect and respond to incidents in real time;
  • IT operations teams are able to drive productivity, maintain uptime, and quickly resolve potential issues; and
  • Application security teams are able to investigate vulnerabilities earlier in the development lifecycle.

 

Introducing Rapid7 InsightVM: advanced vulnerability management analytics and reporting

InsightVM builds on Rapid7’s award-winning, vulnerability management solution, Nexpose, now fully leveraging the power of the cloud to provide live answers to security professionals’ most critical questions. InsightVM’s live monitoring gathers continuous data, whether via agents or agentless, to provide security professionals with increased visibility into the risk posed by their entire network footprint, including cloud, virtual, and endpoints.

“Rapid7’s vulnerability management solution is the only technology I’ve ever used that gives me a full, actionable view of my environment, all the way to the endpoint,” said Scott Cheney, manager of information security at Sierra View Medical Center. “With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.”

InsightVM is designed to provide a fully available, scalable, and efficient way to collect vulnerability data and minimize risk. InsightVM automatically evaluates changes in users’ networks the moment they happen, allowing security professionals to better understand and quickly manage the risk posed to their organization.

Additionally, InsightVM now includes:

  • Rapid7 Insight Agent: This lightweight agent gives customers visibility all the way to the endpoint while prioritizing only the most important issues based on Rapid7’s high-fidelity RealRisk score.
  • Remediation Workflow: Allows security professionals to build custom filters for remediation tasks, automatically assign issues to the right people, integrate with existing ticketing solutions, and monitor to completion.
  • InsightVM Liveboards: Designed to show management teams their most critical risks, and provide the deep intelligence to improve productivity by taking the guesswork out of identifying security trends and priorities.

InsightVM is available now. For information on subscription pricing, please contact [email protected].

 

Coming soon, Rapid7 InsightAppSec: cloud-powered analysis for application security

InsightAppSec, currently in beta, is designed to provide security professionals with an unmatched ability to assess modern web applications, while keeping pace with the industry’s newest applications. Enabled by the Rapid7 Insight platform, InsightAppSec streamlines results to provide more comprehensive visibility, instantaneously. With a focus on ease of use, InsightAppSec will feature simpler scan creation, tuning, and scheduling.

The solution, which advances the capabilities of Rapid7’s AppSpider, will feature a sophisticated new workflow designed to provide more data and increased visibility into applications. InsightAppSec has a universal translator that automatically interprets the new technologies being used in today’s web and mobile applications.

For more information on entering the InsightAppSec beta, please contact [email protected].

 

The Power of Insight: Rapid7 InsightIDR and Rapid7 InsightOps

InsightIDR arms security professionals with the answers they need to quickly respond to and remediate security incidents. InsightIDR combines user behavior analytics (UBA) with pre-built detections and intruder traps, enabling security professionals to better detect the top attack vectors behind breaches – compromised credentials, malware, and phishing – earlier in the attack chain and from endpoint to cloud.

The solution, which launched in February 2016, has added complimentary threat intelligence, developed through extensive attacker and systems research, industry collaboration, and insights from Rapid7’s managed detection and response (MDR) team. This intelligence improves and adds to existing advanced detection and enables incident responders to be more effective through meaningful alerts, tailored to their environment. In addition, InsightIDR now has enhanced endpoint threat detection to better identify remote code execution and protocol poisoning attacks, along with memory forensics for deeper investigative analysis.

Also built on the Rapid7 Insight platform, InsightOps - announced in November 2016 - gives IT professionals the ability to answer operational questions. Now available in open beta, InsightOps, takes a modern approach to log management and asset interrogation. The solution reduces time spent writing search queries with out-of-the-box visualizations and pre-defined questions that IT professionals can ask of their IT infrastructure for immediate answers.

For more information about Rapid7 solutions, please visit: https://www.rapid7.com/products/

 

About Rapid7

Rapid7 (NASDAQ: RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,200 organizations across more than 110 countries, including 38% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.