BOSTON – Rapid7 pulled the covers away from two products designed to improve an enterprise’s insight into its security posture.
The products are dubbed ControlsInsight and UserInsight, and are aimed at providing deeper visibility into the security of users and endpoints.
“Rapid7 ControlsInsight gives you a huge amount of visibility that the built-in management features of point solutions cannot provide,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “It looks at the entire picture relating to endpoint controls and shows you how effectively the controls are performing, whether they are optimally configured, and how they are working together.”
Built-in management features do not give users this ‘big picture’ view, and the broader context plays a key role in making the data meaningful, Weiner continued. ControlsInsight does this by collecting a broad array of data – from configuration information to security patching data – that is correlated and leveraged in an analytical model that takes into account best practices.
“An example is visibility into how broadly password controls are enforced, such as shared administrator passwords,” said Weiner. “The use of shared admin passwords is a clear risk to organizations as they would be susceptible to a ‘pass-the-hash-attack’ that could gain access to many assets inside a network if exploited effectively.”
As for UserInsight, the product provides user activity monitoring across on-premise, cloud and mobile environments to detect compromised credentials and improve incident response. According to Rapid7, through native integration, UserInsight can be used by security teams to see beyond he corporate network to activity involving cloud services such as Salesforce.
Identity and access management solutions should be used alongside UserInsight, Weiner said.
“Identity and access management solutions are focused on managing access to applications, roles, and entitlements, but they do not monitor actual activity of users,” he said. “This also becomes more challenging as the perimeter is eroding. Users access corporate data from the network, from mobile devices and often times using cloud services. UserInsight provides visibility into activity across on-premise networks, mobile and cloud applications to detect compromised credentials or anomalous activity.”
ControlsInsight is available immediately; UserInsight will be available later this year.
