Logo

Visibility into Cloud applications, user risk, and attacker methodologies

Rapid7 has announced the general availability of its cloud application and user risk management solution, Rapid7 UserInsight, as well as several enhancements to its information-driven security analytics portfolio. With these innovations, Rapid7 is the first and only security analytics provider to offer visibility into user behavior across on-premise and cloud networks, to integrate phishing exposure information into user risk assessment, and to deliver fully closed-loop vulnerability validation for prioritising risk.

  • Monday, 25th November 2013 Posted 11 years ago in by Phil Alsop

"Security professionals are challenged with a lack of visibility and control due to the expanding use of cloud, mobile and social technology. At the same time, they face an increasingly effective and deceptive adversary," said Lee Weiner, senior vice president of products and engineering at Rapid7. "With this portfolio update, we're addressing these critical issues by leveraging our unique knowledge of attacker methodologies and providing unprecedented visibility into both the managed and unmanaged IT environment. We're enabling security professionals to see risk like never before, prioritise action based on known patterns of attack, and test the impact of their action."


Managing User Risk
Evolving IT usage models, such as the proliferation of cloud services, adoption of employee-owned smart phones, and an increasingly "social" business, have resulted in an organisation's trusted users representing considerable risk. Rapid7 UserInsight uniquely addresses this concern by monitoring user activity across on-premise, cloud, and mobile environments to provide comprehensive visibility, more effective incident response, and detection of compromised credentials.


Through native integration, security teams can see beyond the corporate network to activity with key cloud services, such as Salesforce and Box. Access to these cloud-based business services from personal devices is monitored as effectively as access from within the firewall. And now users can gain even greater insight into user risk by integrating data from phishing campaigns conducted through Rapid7 Metasploit Pro.


Metasploit Pro measures the effectiveness of security awareness trainings by running simulated phishing campaigns. The results of these campaigns are now integrated into UserInsight, where they are presented in the context of a broad view of user risk that includes visibility into user activity and detection of compromised credentials across on-premise, cloud and mobile environments. Only UserInsight offers this comprehensive capability.


Superior Vulnerability Management Through Vulnerability Validation
Metasploit Pro 4.8 also offers a deeper integration with Rapid7 Nexpose for validating vulnerabilities, enabling IT teams to identify critical risks by confirming a vulnerability's exploitability in the context of an organisation's environment. The integration includes a simpler workflow for validation and enhanced reporting capabilities. Only Rapid7 solutions offer closed-loop vulnerability validation, importing existing scan data from Nexpose into Metasploit, and returning validated results back to Nexpose for management and reporting. Nexpose administrators can easily group together assets that have validated vulnerabilities, allowing for efficient remediation.


Metasploit is the most popular open source penetration testing platform, constantly updated with exploits found in the wild by the community. This provides real-world threat insight for Nexpose users, who are able to benefit from the only closed-loop, streamlined integration of penetration testing and vulnerability management.


Effectiveness of Endpoint Controls
Rapid7 ControlsInsight enables security professionals to audit the effectiveness of their security controls for the endpoints deployed across their organisation. The new version, ControlsInsight 2.1, introduces new trending capabilities for tracking and communicating controls deployment trends. This means security professionals can now demonstrate progress in reducing risk across the organisation.


The new capabilities are available for individual security controls and leverage Rapid7's patent-pending threat model to provide security grades within the solution. Individual controls trending provides visibility into the assets covered by each control over time, while security grade trending analyses the effectiveness of controls already in place at defending against threats. Security professionals can access these new capabilities using interactive trending charts within the solution, or by integrating trending data into other tools via the open API.


Launched in August, ControlsInsight is already helping customers across a wide variety of industries including healthcare, legal and aerospace to increase the effectiveness of their security programs.