BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture.
The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.
“Rapid7 ControlsInsight gives you a huge amount of visibility that the built-in management features of point solutions cannot provide,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “It looks at the entire picture relating to endpoint controls and shows you how effectively the controls are performing, whether they are optimally configured, and how they are working together.”
Built-in management features do not give users this ‘big picture’ view, and the broader context plays a key role in making the data meaningful, Weiner continued. ControlsInsight does this by collecting a broad array of data – from configuration information to security patching data – that is correlated and leveraged in an analytical model that takes into account best practices.
“An example is visibility into how broadly password controls are enforced, such as shared administrator passwords,” said Weiner. “The use of shared admin passwords is a clear risk to organizations as they would be susceptible to a ‘pass-the-hash-attack’ that could gain access to many assets inside a network if exploited effectively.”
As for UserInsight, the product provides user activity monitoring across on-premise, cloud and mobile environments to detect compromised credentials and improve incident response. According to Rapid7, through native integration, UserInsight can be used by security teams to see beyond he corporate network to activity involving cloud services such as Salesforce.
Identity and access management solutions should be used alongside UserInsight, Weiner said.
“Identity and access management solutions are focused on managing access to applications, roles, and entitlements, but they do not monitor actual activity of users,” he said. “This also becomes more challenging as the perimeter is eroding. Users access corporate data from the network, from mobile devices and often times using cloud services. UserInsight provides visibility into activity across on-premise networks, mobile and cloud applications to detect compromised credentials or anomalous activity.”
ControlsInsight is available immediately; UserInsight will be available later this year.
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
