Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Rapid7 Unveils New Security Products to Improve Visibility, Control

BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture. 

The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.

BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture. 

The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.

“Rapid7 ControlsInsight gives you a huge amount of visibility that the built-in management features of point solutions cannot provide,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “It looks at the entire picture relating to endpoint controls and shows you how effectively the controls are performing, whether they are optimally configured, and how they are working together.”

Rapid7Built-in management features do not give users this ‘big picture’ view, and the broader context plays a key role in making the data meaningful, Weiner continued. ControlsInsight does this by collecting a broad array of data – from configuration information to security patching data – that is correlated and leveraged in an analytical model that takes into account best practices.

“An example is visibility into how broadly password controls are enforced, such as shared administrator passwords,” said Weiner. “The use of shared admin passwords is a clear risk to organizations as they would be susceptible to a ‘pass-the-hash-attack’ that could gain access to many assets inside a network if exploited effectively.” 

As for UserInsight, the product provides user activity monitoring across on-premise, cloud and mobile environments to detect compromised credentials and improve incident response. According to Rapid7, through native integration, UserInsight can be used by security teams to see beyond he corporate network to activity involving cloud services such as Salesforce.

Identity and access management solutions should be used alongside UserInsight, Weiner said.

“Identity and access management solutions are focused on managing access to applications, roles, and entitlements, but they do not monitor actual activity of users,” he said. “This also becomes more challenging as the perimeter is eroding.  Users access corporate data from the network, from mobile devices and often times using cloud services.  UserInsight provides visibility into activity across on-premise networks, mobile and cloud applications to detect compromised credentials or anomalous  activity.”

Advertisement. Scroll to continue reading.

ControlsInsight is available immediately; UserInsight will be available later this year.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Identity & Access

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).