All posts by Corey Thomas

Introducing the Rapid7 Command Platform

Post Syndicated from Corey Thomas original https://blog.rapid7.com/2024/08/05/introducing-the-rapid7-command-platform/

Integrated Security Operations for the Next-Generation Attack Surface

Introducing the Rapid7 Command Platform

As cybercrime and attack surfaces have sprawled, Rapid7 has been able to grow with our customers because we are relentlessly focused on relevance. The way we see it, relevance doesn’t mean aligning to market definitions of categories, but rather deeply understanding how critical decisions need to be made and building solutions that provide the right context when and where customers need it.

From our foundations in vulnerability management 24 years ago, we have developed a comprehensive portfolio of security technologies trusted by over 11,000 customers around the globe. We are also home to a team of experts and researchers and the proud curators of one of the most renowned open source security communities – all of which informs our products and services, so customers can have our expertise at their fingertips.

While other vendors launched SIEMs focused on log aggregation and building mounds of data for customers to parse through, we launched our detections-centric next-gen SIEM focused on keeping SOCs ahead of adversaries. As other MDRs became alert-factories pushing the hard work back on the shoulders of their customers, we focused on building high signal-to-noise full environment coverage and end-to-end partnership. And when other exposure management providers stopped at the endpoint, we pushed integrated coverage to the cloud and beyond.

Today, I’m excited to share the next chapter in our mission to give customers command of their attack surface: the introduction of the Rapid7 Command Platform, our unified threat exposure and detection & response platform.

A Relevant View of Your Attack Surface You Can Trust

You cannot deliver what is relevant for customers without listening to customers. Across our industry, we have focused on building purpose-fit products to solve specific customer needs. As a result, even industry-leading products have become high cost, disparate sources of data which must be manually cobbled together for a low-confidence picture of the attack surface.

How can you secure and manage what you cannot see?

Our team has heard this over and over again and we made the commitment to build a better way. With this launch of the Rapid7 Command Platform, we can now deliver a more comprehensive view of your attack surface, with transparency that you can trust.

Anchored by Surface Command, our new unified asset inventory and attack surface management product, customers can get a more complete, vendor agnostic view of their internal and external attack surface—at a disruptive, all-in value.

We begin with a rapidly growing library of over 100 connectors, which collects and unifies data across your security ecosystem. Our AI-charged correlation engine deduplicates and reconciles telemetry across sources to create a cohesive visualization of your environment. While you get an out-of-the-box view, data transparency and detailed metadata drill downs means you can feel confident that you have both a more complete picture and the context you need to accelerate critical security decisions across teams. From the driver’s seat of your attack surface, you can zero-in on controls and policy gaps, discover shadow IT, and gather relevant context that accelerates prioritization and remediation activities. With the total visibility Surface Command provides, you gain total control of your attack surface.

Unified Threat Exposure, Detection, and Response

Reinforced by data silos, security program fundamentals – exposure management and detection & response – have operated in isolation for too long. The Command Platform’s ability to maximize and integrate your security data from endpoint to cloud will finally bring these functions into a single, integrated program that yields better productivity, efficiency, and efficacy for security teams.

Our second new solution on the Command Platform – Exposure Command – brings together the comprehensive visibility of Surface Command with leading vulnerability management and cloud-native application protection to deliver a true end-to-end attack defense. With Exposure Command, InfoSec teams can defend and monitor their risk landscape through the lens of an adversary.

On top of Surface Command’s total visibility, we add the context and clarity of what is actually being exploited in the wild, the items that we know attackers will have in their sights. Understanding what is truly urgent and important transforms endless to-do lists into actionable hit lists. This transparency also gives security leaders the confidence to socialize and articulate potential business impact if these items are not actioned. Married with policy and vulnerability coverage across hybrid environments, unified reporting, and remediation, Exposure Command is your hub for next-generation risk management.

The Command Platform will drive faster and more efficient Detection & Response, with reduced noise and greater conviction around the right actions to take to extinguish threats. We have already made progress towards this vision today with our Threat Complete product, which delivers the enriched context of exposure management alongside leading next-gen SIEM to stay ahead of attackers. The ability to pinpoint and correlate the events, activity, and alerts that actually matter and then know how to respond is the difference of getting breached or not. Whether you’re leveraging our cloud-first technology or partnering with our MDR SOC as an extension of your team, Rapid7 Detection & Response customers can be confident that they have the ecosystem coverage and context they need to be able to respond like an expert every time.

Confidently Take On the Next Era of Security with Rapid7

I’m so grateful to our customers and partners who have been the North Star in guiding us on this mission, and I am proud of the progress that this launch signifies. We are extremely excited to get the Command Platform, Surface Command, and Exposure Command into more hands and continue to improve how we deliver the most relevant security solutions for customers.

Rapid7 is on a path to deliver 100% attack surface visibility and monitoring that customers can afford and rely on, and we have many milestones that are still in front of us. I look forward to sharing more game-changing updates soon.

For those interested in learning more, we’d love to hear from you and share a demo of our new Exposure Command product – sign up here.

A Message from Rapid7 CEO, Corey Thomas

Post Syndicated from Corey Thomas original https://blog.rapid7.com/2023/08/08/a-message-from-rapid7-ceo-corey-thomas/

A Message from Rapid7 CEO, Corey Thomas

Earlier today, the following email was shared with Rapid7 employees.

Team,

As we accelerate our delivery of the leading security operations solution and service platform experience to customers, we have determined it is necessary to restructure our operations, including the difficult decision to reduce our team in the near term. We will announce our restructuring publicly this afternoon along with our Q2 earnings results.

While it may be surprising to take this measure when we are meeting performance expectations, making decisions from a place of strength allows us the opportunity to restructure intentionally.

All employees will receive an email shortly with additional detail based on their path forward and local requirements.

I would always prefer to speak to each of you individually. Unfortunately, there is no ideal way to have this conversation with all of our global Moose simultaneously, and I regret that some of you will be reading this after the news is public. I will remain online with you as morning reaches each timezone to host town hall meetings with local teams and leaders.

There are more details on how we are supporting impacted Moose below. First, I will provide additional context on our business that led up to this decision.

Where We Are Today

The security industry is characterized by constantly adapting and learning, which is what thrills and engages many of us—there are always new technologies, attacks, threats, and research. This is true of our company, our customers, and attackers. You do not survive in security without being adaptable and innovative.

Ten years ago security was an afterthought for business leaders, and the role of the security community was to sound the alarm and make in-roads to business conversations. As security has gained attention and budget share, organizations have accumulated stacks of single-purpose security technologies. However, even great security tools are often operated in silos and are not meeting the promise of results customers need.

In today’s complex hybrid environments with highly-capable and innovative attackers, customers demand efficacy and efficiency, and integration across solutions is becoming imperative.

Rapid7 has served customers for more than two decades by meeting shifting demands for the best of vulnerability management, threat detection, and attacker insights. Measured by customer achievement, we have been fortunate to sustain +20% growth for many years.

This is all impact that we have created together, and I am grateful for every bit of effort that got us here today. However, when it comes to consolidation, we—and the industry—have been too slow to adjust:

  1. In an effort to minimize disruption, we have been making incremental changes to meet these emergent needs. However, customers don’t need us to simply move faster on point solutions, they need us to move decisively and strategically toward an integrated experience.
  2. Our rapid growth in the cybersecurity upswing enabled us to add market leading capabilities quickly, however, as we have grown our employee base to meet demand, spun up teams quickly, and expanded to new regions, it has also created unnecessary friction and inefficiencies which hinder our customer experience.

This restructuring and near-term reduction will set up our teams and customers for long term success. It will increase our capacity to invest where customers need it, and give us the flexibility to scale intentionally, foster innovation, and improve processes.

We believe we are the only company in the world that can truly transform security operations by integrating risk, threat, and incident management into a seamless platform that eliminates unnecessary compromises.

At this inflection point, we will be strategically refocusing and realigning our business toward expanding our MDR leadership across all of security operations, accelerating our investments to build the most adoptable cloud capabilities, and continuing our focus on aligning our operations to deliver the best engagement and support for our customers.

It is difficult and heartbreaking to say goodbye to Moose who have been integral to our teams over the years. We would not go forward if we were not confident that this is the best and only way we will be able to deliver the experience that our customers demand, vault over our competition, and remain the best place to work for the most Moose possible.

Restructure and Refocus

Prior to making restructuring decisions, we engaged an external advisor to indicate the most impactful opportunities in our business. They determined that we could reduce the size of our business and improve efficiency, while remaining a growth-oriented company with capacity to make strategic customer investments.

However, our Moose are not simply data. A small group of senior leaders have been working tirelessly to identify the roles and teams not aligned to our tightened strategic priorities. Every organization and location at Rapid7 will be impacted, though some teams, like engineering and sales, will experience more substantial shifts.

Departing Moose

We have taken great care to reflect our vast appreciation of the work each of you have contributed to Rapid7 by offering the most high-touch, supportive transition possible.

All employees will receive an email from [email protected] in the next half hour with additional detail based on your path forward, circumstances, and local requirements. Your notification will also outline your next steps—Moose will have every opportunity to meet with their leaders and people strategy.

To support departing Moose, they will be eligible to receive severance packages, including continued healthcare coverage for the length of the severance period, as well as outplacement services for career support. Outside the U.S., there is a broad range of employment laws, and we’ll take great care to guide our Moose and their managers through these processes, such as required consultation periods. For employees whose immigration status is connected with their employment, People Strategy is working with each impacted individual in concert with our mobility team.

Most importantly, we continue to live our motto of “Once a Moose, Always a Moose.” We hope that, as the dust settles, you are able to look back on your impact here and will continue to nurture the networks and relationships you’ve built with fellow Moose. If you need a recommendation or endorsement, I hope everyone will join me in supporting these valuable team members.

Continuing Moose

For continuing Moose, you will see an immediate focus on our strategic direction to ensure you are not absorbing additional work, renewed processes to drive innovation, and tight collaboration to ensure we don’t repeat past patterns. Right now I would like you to take the time to acknowledge our departing Moose who have contributed to our success, and support customers to avoid any disruption.

You’ll receive a note for a meeting this week with your leadership team. Next week, we will begin follow-up town halls to dig into go-forward plans.

Please keep an eye on the announcements channel for additional materials.

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

Post Syndicated from Corey Thomas original https://blog.rapid7.com/2021/07/19/rapid7-acquires-intsights/

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

I am pleased to share the exciting news that, today, Rapid7 acquired IntSights, a leading provider of cloud-native, external threat intelligence and proactive threat remediation. The IntSights team is fantastic, and their threat intelligence capabilities are equally impressive. I’ll share more about why IntSights is a great fit for Rapid7 and our customers, but let me first share some context for this acquisition.

We’ve seen firsthand that with digital transformation the attack surface has increased exponentially and customers are recognizing that improved visibility to their internal risk profile is just one part of the security equation. With today’s threat landscape, it’s imperative for security teams to have early, contextualized threat detection across their internal and external environment. Yet most security teams are already under-resourced and overburdened, struggling to identify and address what needs immediate action. So, under these circumstances, how can we help security teams stay one step ahead of the attackers? Enter IntSights.

IntSights offers a leading, cloud-native, external threat intelligence and remediation solution that helps customers solve this emerging challenge. Sophisticated threat intelligence capabilities are typically only realistic for the most mature, well-resourced organizations. But IntSights is disrupting that and democratizing threat intelligence so that every organization can protect itself, regardless of size or capabilities.

There’s no shortage of threat intelligence information available today, but much of it lacks context, creating too much alert noise and additional work for already-overburdened security teams. IntSights’ flagship Threat Command offering turns complex signals into contextualized attack-surface intelligence, making threat intelligence easier for organizations of any size to remediate their most critical external threats.

For example, IntSights monitors the clear, deep, and dark webs to identify threats specifically targeting an organization’s digital footprint, including things like data and credential leakage, malicious activity tied to their brand, and fraud. But IntSights goes beyond monitoring and takes action by proactively remediating with automated takedowns of threats.

Coupling IntSights’ tailored, external threat-intelligence capabilities with Rapid7’s community-infused threat intelligence and deep understanding of customer environments will enable customers with a unified view into threats, attack-surface monitoring, greater signal-to-noise ratio, relevant insights, and proactive threat mitigation.

What’s next

IntSights has built a tremendous business and we look forward to making Threat Command available as a standalone offering to an even broader set of customers through this acquisition. At the same time, we will begin integrating IntSights’ threat-intelligence capabilities into the Rapid7 Insight Platform to unlock earlier threat identification and faster remediation across our entire portfolio. Learn more about how we intend to accelerate security operations and emergent threat response with our platform.

In addition, we will leverage IntSights’ capabilities to enhance our cloud-native, extended detection and response (XDR) capabilities by enabling high-quality, high-fidelity alerts to ensure efficient security operations, earlier threat detection, and accelerated response times. Learn more about how the acquisition of IntSights enhances our best-in-class XDR offering.

Welcome, IntSights!

From its beginning, IntSights set out on a mission to democratize threat intelligence, something that is very culturally synergistic with Rapid7, as we continue our journey to close the security achievement gap and bring high-quality and efficient security operations to organizations of all sizes and capabilities. I want to welcome IntSights’ customers, partners, and team members to Rapid7. Today we begin a new and exciting chapter together as we continue to innovate in the threat-intelligence space, always keeping the needs of our customers at the forefront. I look forward to what will undoubtedly be great things to come.