Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Rapid7 Unveils New Security Products to Improve Visibility, Control

BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture. 

The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.

BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture. 

The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.

“Rapid7 ControlsInsight gives you a huge amount of visibility that the built-in management features of point solutions cannot provide,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “It looks at the entire picture relating to endpoint controls and shows you how effectively the controls are performing, whether they are optimally configured, and how they are working together.”

Rapid7Built-in management features do not give users this ‘big picture’ view, and the broader context plays a key role in making the data meaningful, Weiner continued. ControlsInsight does this by collecting a broad array of data – from configuration information to security patching data – that is correlated and leveraged in an analytical model that takes into account best practices.

“An example is visibility into how broadly password controls are enforced, such as shared administrator passwords,” said Weiner. “The use of shared admin passwords is a clear risk to organizations as they would be susceptible to a ‘pass-the-hash-attack’ that could gain access to many assets inside a network if exploited effectively.” 

As for UserInsight, the product provides user activity monitoring across on-premise, cloud and mobile environments to detect compromised credentials and improve incident response. According to Rapid7, through native integration, UserInsight can be used by security teams to see beyond he corporate network to activity involving cloud services such as Salesforce.

Identity and access management solutions should be used alongside UserInsight, Weiner said.

“Identity and access management solutions are focused on managing access to applications, roles, and entitlements, but they do not monitor actual activity of users,” he said. “This also becomes more challenging as the perimeter is eroding.  Users access corporate data from the network, from mobile devices and often times using cloud services.  UserInsight provides visibility into activity across on-premise networks, mobile and cloud applications to detect compromised credentials or anomalous  activity.”

ControlsInsight is available immediately; UserInsight will be available later this year.

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Robert Shaker II has joined application security firm ActiveState as Chief Product and Technology Officer.

MorganFranklin Cyber has promoted Nick Stallone and Ferdinand Hamada into newly created roles.

Jessica Newman has joined Sophos as General Manager of Global Cyber Insurance.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.