Tag Archives: Threat Command

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Post Syndicated from Stacy Moran original https://blog.rapid7.com/2022/09/22/one-year-after-intsights-acquisition-threat-intels-value-is-clear/

Rapid7 Strengthens Market Position With 360-Degree XDR and Best-in-Class Threat Intelligence Offerings

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Time flies… and provides opportunities to establish proof points. After recently passing the one-year milestone of Rapid7’s acquisition of IntSights, the added value threat intelligence brings to our product portfolio is unmistakable.  

Cross-platform SIEM, SOAR, and VM integrations expand capabilities and deliver super-charged XDR

Integrations with Rapid7 InsightIDR (SIEM) and InsightConnect (SOAR) strengthen our product offerings. Infusing these tools with threat intelligence elevates customer security outcomes and delivers greater visibility across applications, while speeding response times. The combination of expertly vetted detections, contextual intelligence, and automated workflows within the security operations center (SOC) helps teams gain immediate visibility into the external attack surface from within their SIEM environments.

The threat intelligence integration with IDR is unique to Rapid7. It’s the only XDR solution in the market to infuse both generic threat intelligence IOCs and customized digital risk protection coverage. Users receive contextual, tailored alerts based on their digital assets, enabling them to detect potential threats before they hit endpoints and become incident response cases.

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Capabilities

  • Expand and accelerate threat detection with native integration of Threat Command alerts and TIP Threat Library IOCs with InsightIDR.
  • Proactively thwart attack plans with alerts that identify active threats across the attack surface.
One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Benefits

  • 360-degree visibility and protection across your internal and external attack surface
  • Faster automated discovery and elimination of threats via correlation of Threat Command alerts with InsightIDR investigative capabilities

Learn more: 360-Degree XDR and Attack Surface Coverage, XDR Solution Brief

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

The Threat Command Vulnerability Risk Analyzer (VRA) + InsightVM integration delivers complete visibility into digital assets and vulnerabilities across your attack surface, including attacker perspective, trends, and active discussions and exploits. Joint customers can import data from InsightVM into their VRA environment where CVEs are enriched with valuable context and prioritized by vulnerability criticality and risk, eliminating the guesswork of manual patch management. VRA is a bridge connecting objective critical data with contextualized threat intelligence derived from tactical observations and deep research. In addition to VRA, customers can leverage Threat Command’s Browser Extension to obtain additional context on CVEs, and TIP module to see related IOCs and block actively exploited vulnerabilities.

Integration benefits

  • Visibility: Continuously monitor assets and associated vulnerabilities.
  • Speed: Instantly assess risk from emerging vulnerabilities and improve patching cadence.
  • Assessment: Eliminate blind spots with enhanced vulnerability coverage.
  • Productivity: Reduce time security analysts spend searching for threats by 75% or more.
  • Prioritization: Focus on the vulnerabilities that matter most.
  • Automation: Integrate CVEs enriched with threat intelligence into existing security stack.
  • Simplification: Rely on intuitive dashboards for centralized vulnerability management.
One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Learn how to leverage this integration to effectively prioritize and accelerate vulnerability remediation in this short demo and Integration Solution Brief.

In addition to these game-changing integrations that infuse Rapid7 Insight Platform solutions with external threat intelligence, Threat Command also introduced numerous feature and platform enhancements during the past several months.

Expanded detections and reduced noise

Of all mainstream social media platforms, Twitter has the fewest restrictions and regulations; coupled with maximum anonymity, this makes the service a breeding ground for hostile discourse.

Twitter by the numbers (in 2021)

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Threat Command Twitter Chatter coverage continually monitors Twitter discourse and alerts customers regarding mentions of company domains. Expanded Twitter coverage later this year will include company and brand names.

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Threat Command’s Information Stealers feature expands the platform’s botnets credentials coverage. We now detect and alert on information-stealing malware that gathered leaked credentials and private data from infected devices. Customers are alerted when employees or users have been compromised (via corporate email, website, or mobile app). Rely on extended protection against this prevalent and growing malware threat based on our unique ability to obtain compromised data via our exclusive access to threat actors.

Accelerated time to value

The recently enhanced Threat Command Asset Management dashboard provides visibility into the risk associated with specific assets, displays asset targeting trends, and enables drill-down for alert investigation. Users can now categorize assets using tags and comments, generate bulk actions for multiple assets, and see a historical perspective of all activity related to specific assets.

Better visibility for faster decisions

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Strategic Intelligence is now available to existing Threat Command customers for a limited time in Open Preview mode. The Strategic Intelligence dashboard, aligned to the MITRE ATT&CK framework, enables CISOs and other security executives to track risk over time and assess, plan, and budget for future security investments.

Capabilities

  • View potential vulnerabilities attackers may use to execute an attack – aligned to the MITRE ATT&CK framework (tactics & techniques).
  • See trends in your external attack surface and track progress over time in exposed areas.
  • Benchmark your exposure relative to other Threat Command customers in your sector/vertical.
  • Easily communicate gaps and trends to management via dashboard and/or reports.

Benefits

  • Rapid7 is the first vendor in the TI space to provide a comprehensive strategic view of an organization’s external threat landscape.
  • Achieve your security goals with complete, forward-looking, and actionable intelligence context about your external assets.
  • Bridge the communication and reporting gap between your CTI analysts dealing with everyday threats and the CISO, focused on the bigger picture.
One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Stay tuned!

There are many more exciting feature enhancements and new releases planned by year end.

Learn more about how Threat Command simplifies threat intelligence, delivering instant value  for organizations of any size or maturity, while reducing risk exposure.

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

NEVER MISS A BLOG

Get the latest stories, expertise, and news about security today.

Additional reading:

360-Degree XDR and Attack Surface Coverage With Rapid7

Post Syndicated from Margaret Wei original https://blog.rapid7.com/2022/08/18/360-degree-xdr-and-attack-surface-coverage-with-rapid7/

360-Degree XDR and Attack Surface Coverage With Rapid7

Today’s already resource-constrained security teams are tasked with protecting more as environments sprawl and alerts pile up, while attackers continue to get stealthier and add to their arsenal. To be successful against bad actors, security teams need to be proactive against evolving attacks in their earliest stages and ready to detect and respond to advanced threats that make it past defenses (because they will).

Eliminate blindspots and extinguish threats earlier and faster

Rapid7’s external threat intelligence solution, Threat Command, reduces the noise of numerous threat feeds and external sources, and prioritizes and alerts on the most relevant threats to your organization. When used alongside InsightIDR, Rapid7’s next-gen SIEM and XDR, and InsightConnect, Rapid7’s SOAR solution, you’ll unlock a complete view of your internal and external attack surface with unmatched signal to noise.

Leverage InsightIDR, Threat Command, and InsightConnect to:

  • Gain 360-degree visibility with expanded coverage beyond the traditional network perimeter thanks to Threat Command alerts being ingested into InsightIDR, giving you a more holistic picture of your threat landscape.
  • Proactively thwart attack plans with Threat Command alerts that identify active threats from across your attack surface.
  • Find and eliminate threats faster when you correlate and investigate Threat Command alerts with InsightIDR’s rich investigative capabilities.
  • Automate your response by attaching an InsightConnect workflow to take action as soon as a detection or a Threat Command alert surfaces in InsightIDR.
360-Degree XDR and Attack Surface Coverage With Rapid7
Threat Command alerts alongside InsightIDR Detection Rules

Stronger signal to noise with Threat Command Threat Library

The power of InsightIDR and Threat Command doesn’t end there. We added another layer to our threat intelligence earlier this year when we integrated Threat Command’s Threat Library into InsightIDR to give more visibility into new indicators of compromise (IOCs) and continued strength around signal to noise.

All IOCs related to threat actors tracked in Threat Command are automatically applied to customer data sent to InsightIDR, which means you automatically get current and future coverage as new IOCs are found by the research team. Alongside InsightIDR’s variety of detection types — User Behavior Analytics (UBA), Attacker Behavior Analytics (ABA), and custom detections — you’re covered against all infiltrations, from lateral movement to unique attacker behaviors and everything in between. The impact? Your team is never behind on emerging threats to your organization.

Faster, more efficient responses with InsightConnect

Strong signal to noise is taken a step further with automation, so teams can not only identify threats quickly but respond immediately. The expanded integration between InsightConnect and InsightIDR allows you to respond to any alert being generated in your environment. With this, you can easily create and map InsightConnect workflows to any ABA, UBA, or custom detection rule, so tailored response actions can be initiated as soon as there is a new detection.

See something suspicious that didn’t trip a detection? You can invoke on-demand automation with integrated Quick Actions from any page in InsightIDR.

360-Degree XDR and Attack Surface Coverage With Rapid7
Mapping of InsightConnect workflows to an ABA alert in InsightIDR

Sophisticated XDR without any headaches

With Rapid7, you’ll achieve sophisticated detection and response outcomes with greater efficiency and efficacy — no matter where you and your team are on your security journey. Stay up to date on the latest from InsightIDR, Threat Command, and InsightConnect as we continue to up-level our cross-product integrations to bring you the most comprehensive XDR solution.

Additional reading:

NEVER MISS A BLOG

Get the latest stories, expertise, and news about security today.

Two Rapid7 Solutions Take Top Honors at SC Awards Europe

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/06/23/two-rapid7-solutions-take-top-honors-at-sc-awards-europe/

Two Rapid7 Solutions Take Top Honors at SC Awards Europe

LONDON—We are pleased to announce that two Rapid7 solutions were recognized on Tuesday, June 21, at the prestigious SC Awards Europe, which were presented at the London Marriott, Grosvenor Square. InsightIDR took the top spot in the Best SIEM Solution category, and Threat Command brought home the award for Best Threat Intelligence Technology for the second year in a row.

The SC Awards Europe recognize and reward products and services that stand out from the crowd and exceed customer expectations. This year’s awards, which come at a time of rapid digital transformation and technology innovation, were assessed by a panel of highly experienced judges from a variety of industries. SC Media UK, which hosts the awards, is a leading information resource for cybersecurity professionals across Europe.

InsightIDR named “Best SIEM”

Security practitioners are using Rapid7 InsightIDR to address the challenges most everyone shares: Digital transformation is driving constant change, the attack surface continues to sprawl, and the skills gap drags on.

Traditional security information and event management (SIEM) solutions put the burden of heavy rule configuration, detection telemetry integration, dashboard and reporting content curation, and incident response on the customer. But industry-leading InsightIDR has always been different. It ties together disparate data from across a customer’s environment, including user activity, logs, cloud, endpoints, network traffic, and more into one place, ending tab-hopping and multi-tasking. Security teams get curated out-of-the box detections, high-context actionable insights, and built-in automation.

With easy SaaS deployment and lightning fast time-to-value, 72% of users report greatly improved team efficiency, 71% report accelerated detection of compromised assets, and most report reducing time to address an incident by 25-50%.  

Threat Command named “Best Threat Intelligence Technology”

Rapid7 Threat Command is an external threat protection solution that proactively monitors thousands of sources across the clear, deep, and dark web. It enables security practitioners to anticipate threats, mitigate business risk, increase efficiency, and make informed decisions.

Threat Command delivers industry-leading AI/ML threat intelligence technology along with expert human intelligence analysis to continuously discover threats and map intelligence to organizations’ digital assets and vulnerabilities. This includes:

  • Patented technology and techniques for the detection, removal, and/or blocking of malicious threats
  • Dark web monitoring from analysts with unique access to invitation-only hacker forums and criminal marketplaces
  • The industry’s only 24/7/365 intelligence support from experts for deeper investigation into critical alerts
  • Single-click remediation including takedowns, facilitated by our in-house team of experts

100% of Threat Command users surveyed said the tool delivered faster time to value than other threat intelligence solutions they’d used, and 85% said adopting Threat Command improved their detection and response capabilities.

InsightIDR + Threat Command

Using InsightIDR and Threat Command together can further increase security teams’ efficiency and reduce risk. Users get a 360-degree view of internal and external threats, enabling them to avert attacks, accelerate investigations with comprehensive threat context, and flag the most relevant information — minimizing the time it takes to respond. With InsightIDR and Threat Command, customers are able to more effectively and efficiently see relevant threat data across their attack surface and quickly pivot to take immediate action – in the earliest stages of attack, even before a threat has fully evolved.

Learn more about how InsightIDR and Threat Command can fit into your organization’s security strategy.

Additional reading:

NEVER MISS A BLOG

Get the latest stories, expertise, and news about security today.