Post Syndicated from Stacy Moran original https://blog.rapid7.com/2023/03/15/rapid7-threat-command-delivered-311-roi-2023-forrester-consulting-total-economic-impact-study/

Volume up (and not in a good way)

Security teams must continuously contort their efforts to effectively respond to the growing volume of cyberthreats. These constantly shifting methods in the security operations center (SOC) can be difficult to manage in the face of emerging external threats—it can be like keeping multiple spinning plates in the air at once.

“63% of organizations globally were breached in 2021, and security decision-makers were more concerned about external attacks than any other attack vector,” according to the new Forrester Consulting study commissioned by Rapid7—The Total Economic Impact(™) of Rapid7 Threat Command For Digital Risk Protection and Threat Intelligence (hereafter referred to as “the study”).

As the world continues to lean into the convenience of the digital age, cyberthreats continue to rise. Greater visibility is needed. Accurate automation is needed. And enhancements to every organization’s overall security posture are most certainly needed to stay secure in the global economy.

Intelligence when you need it

The more contextualized alerts and insight you can gain on a potential threat, the better positioned you’ll be to mitigate the threat before it can have a tangible impact on the business. Threat Command from Rapid7 was specifically built to help security organizations gain clarity about external threats. Can it see around corners? Almost.

Threat Command produced an ROI of more than 300%! The characteristics of the composite organization used for this calculation were based on real-life customer interviews Forrester conducted within their Total Economic Impact (TEI) framework. This representative organization is described as a $5.7 billion global enterprise consisting of 7,500 employees and headquartered in North America. The study concluded that this business realized 311% ROI over three years while also fending off threats with a solution that prioritizes:

• Immediate value and the ability to get up and running quickly
• More active responses with agile detection and automated alert responses
• Simplified workflows that leverage mapping capabilities to accelerate investigations

All of this translates into greater visibility into threats—before their truly concussive effects are felt—which can lead to significantly reduced aftershocks of cyberattacks.

Benefits and other findings

Threat Command reduced the likelihood of a major security breach by up to 70%. The composite organization was able to realize significant efficiencies—and cost savings—leading to a considerable reduction in the probability of a breach event. The Forrester Consulting study states:

“By implementing Threat Command, the composite organization gains greater efficiency to detect, investigate, respond to, and remediate cyberattacks… Having Threat Command as a part of its security environment has the effect of lowering the likelihood of successful breaches by up to 70% over the course of three years and decreasing the impact of cyberattacks. This results in up to $1.1 million (PV) in savings over three years.”

Organizations were also able to leverage Threat Command to lower signal-to-noise alert ratio, as well as proactively identify and remediate threats before they morph into significant business impact. Indeed, automation helped in this area and led to time savings. A study interviewee—the principal threat intelligence analyst for a financial services firm—estimated three analysts on the security team saved three to four hours a day after implementing Threat Command.

“We were having a lot of trouble distinguishing relevant threats from noise. It was a manual approach of pulling the information from these sources … It was very reactive.”—Principal threat intelligence analyst, financial services

Remediation efficiency

Threat Command delivered a 75% reduction in time for investigation, threat hunting, and analysis. When looked at in terms of workforce, this helped organizations avoid the cost of bringing on additional headcount due to Threat Command’s comprehensive detection and user access to Rapid7’s internal SOC and remediation teams.

What about security posture?

Threat Command created benefits of $1.88 million over three years against costs of $457,000. We believe that with numbers like that, employees would benefit, shareholders would be happy, and the company would make progress toward meeting its financial goals.

But threats still loom. So, how did interviewees’ overall security postures look after implementing Threat Command? They experienced the following gains:

• More efficient security processes
• Personalized alerts on potential threats
• Rapid takedowns of accounts and domains from the dark web
• Greater accounting of all digital assets
• Transition from a reactive to proactive approach for threat intelligence and remediation

Make intelligence intelligent

With regard to securing an ever-expanding attack surface, information means nothing if it can’t be interpreted and acted upon. Threat Command from Rapid7 can supercharge your ability to turn intelligence into results-focused action with faster detection and automated alert responses across your environment.

There are lots of numbers in this study, and we love that. It’s great to see proof that a solution is capable of helping customers become more confident in their security postures. But Rapid7’s commitment to partnering with our customers goes beyond the numbers. We’ll never stop innovating on the effectiveness of our products and services to proactively defend against—and defeat—the growing volume of global threats.

For a deep-dive into The Total Economic Impact(™) of Rapid7 Threat Command for Digital Risk Protection and Threat Intelligence, download the study now.

Post Syndicated from Stacy Moran original https://blog.rapid7.com/2023/01/31/year-in-review-rapid7-threat-intelligence/

In an evolving threat landscape, non-stop alerts and more IOC feeds don’t guarantee better protection. Security teams are overwhelmed and struggle to identify relevant threat information.

Thankfully, Threat Command delivers highly contextual alerts and integration across your environment to help you cut through the noise, enable prioritization, streamline operations, and reduce brand exposure. Threat Command external threat intelligence protects organizations in every industry from targeted threats across the clear, deep, and dark web.

As we forge into 2023, we remain laser-focused and committed to addressing the critical needs of resource-constrained security operations teams:

• Accessible and actionable external threat intelligence
• Better visibility for faster decisions
• Greater relevance, less noise
• Simplified security workflows
• Accelerated response
• Faster time-to-value

But first, let’s take a look at the ways we improved Threat Command in 2022.

Executing on Our Promise of Value
2022 Product Feature Introductions and Enhancements

Throughout 2022, we continuously iterated and improved upon the capabilities of Threat Command, making it an even more effective resource to keep your organization safe from external threats. Here is a rundown of some of the most important improvements we made last year.

First Half 2022

In our blog “Threat Intel Enhances Rapid7 XDR With Improved Visibility and Context”, we summarize the unmistakable value threat intelligence brings to the Rapid7 solution portfolio in year one following the IntSights acquisition. Highlights include:

• Threat Command + InsightIDR integration: The only 360-degree XDR solution in the market that infuses generic threat intelligence (IOCs) and customized digital risk protection coverage. Unlock a comprehensive view of your external and internal attack surface by seeing Threat Command alerts alongside IDR detections.
• Threat Command Vulnerability Risk Analyzer + InsightVM integration: Rely on threat intelligence vulnerability context and risk prioritization that eliminates the guesswork of manual patch management.
• Twitter Chatter: Know when your company is mentioned in negative discourse on Twitter.
• Information Stealers: Get alerted when employees have been compromised by malware that gathers leaked credentials and private data from infected devices. In many cases, this scenario plays out on employee-owned personal devices, drastically amplifying potential risk to the organization.
• Asset Management: Track your most targeted digital assets for a more proactive defense. Categorize your assets using tags and comments, and automatically generate policy conditions and bulk actions for alerts.
• Strategic Intelligence: The first strategic dashboard for CISOs delivers visualization of threats specifically targeting the organization – critical input for assessing, planning, and budgeting for future security investments. This is the threat intelligence market’s only comprehensive view of an organization’s external threat landscape (aligned to the MITRE ATT&CK framework).

Second Half 2022

Rapid7 + ServiceNow: In the second half of the year, we released Threat Command for ServiceNow ITSM. Users of both platforms now have access to an end-to-end integration for managing security incidents:

• Quickly and easily create ServiceNow incidents based on Threat Command alert data for streamlined incident response from a single pane of glass within ServiceNow.
• Create incidents in your ServiceNow instance based on Threat Command alert data and assign ITSM tickets to specific users or groups.

Customers can install the app now from the ServiceNow store.

Learn more: Threat Command ServiceNow ITSM Integration Brief

Rapid7 + MISP: Our Threat Intelligence Platform (TIP) now integrates with MISP (Malware Information Sharing Platform), an open-source TI platform that collects and shares indicators of compromise related to security incidents. This integration allows users to ingest enriched IOCs from our TIP and create events in MISP cloud devices.

TIP Investigation Enhancements

• Filterable user events now appear in the IOC Timeline for improved visibility and investigation efficiency. Users can view events related to specific IOCs, sorted by date.
• See the relation types between related IOCs on the Investigation map for 360-degree visibility and faster investigations.
• View Threat Command alert indications on IOC nodes in the Investigation map for additional visibility.

Leaked Credentials Enhancements

• Our Leaked Credentials coverage now supports a wide variety of additional database formats, allowing broader visibility into the ever-expanding threat of leaked credentials detected in various breaches and hacker campaigns across the clear, deep, and dark web.

Looking Ahead

Lots happening in 2023! Look for our new Forrester Total Economic Impact of Rapid7 Threat Command for Digital Risk Protection and Threat Intelligence in early Q2 (sneak peak: our ROI number surpasses that of our primary competitors!) and new solutions packages that scale with customer needs across the maturity spectrum and offer opportunities to maximize ROI.

Stay tuned!

There are many more exciting feature enhancements and new releases planned throughout the year. A big thank you to all of our customers and partners. We look forward to delivering even more value to you in 2023!

Learn more about how Threat Command simplifies threat intelligence, delivering instant value for organizations of any size or maturity, while reducing risk exposure. Watch an on-demand demo to see how Threat Command takes the complexity out of threat intelligence with an intuitive platform that prioritizes the most critical threats to your organization.

Want to find out where and how your organization is being targeted? Get a free threat report now.