Professional Documents
Culture Documents
Practice of SecOps
Security and IT solutions to reduce risk, accelerate innovation,
and advance your business
POWERING
SecOps
Protecting your business from vulnerability and compromise. Optimizing your operations for success. This constant weight on
your shoulders can only be lifted through shared trust and visibility between Security, IT, and DevOps. The solution is SecOps, an
organizational practice that breaks down silos and creates an alliance and shared mission between these teams. The common goals?
Reduce risk, detect attacks, and optimize operations.
Where are the weak points in your Has your network already been Where can you use automation to
applications, endpoints, and users? breached, where, and how? enhance operational productivity?
So how can you use SecOps to regularly answer these questions with confidence? As the only company focused solely on helping
you implement a SecOps practice, Rapid7 delivers the technology, expertise, and community-driven research you need to propel
secure innovation.
The Rapid7 Insight Platform:
Your Home for SecOps
VISIBILITY
SECURE APPS
DE
K FE
IS
R
N
ZE
D
TI
US
InsightAppSec
RI
ER
IO
PR
S
InsightVM InsightPhish
ACKERS
LEVERAGE
Unified Data
Rapid7 Collection InsightIDR
Services
T ATT
EXP
TEC
ER
Komand InsightOps DE
TS
AU
CS
TI
TO
AU
TO
LY
MA GS
M
LO
TI TE
A
E
AN
A
AC AG
O TION MAN
N S
The Rapid7 Insight Platform: Your Home for SecOps
The Rapid7 Insight platform equips you with the visibility, analytics, and automation you need to unite your teams and
work faster (and smarter). Security, IT, and DevOps now have one-click access to network visibility, asset and application
vulnerability management, breach detection and threat hunting, log management, pen testing, and phishing simulation.
Collect data once from across your IT environment, enabling your Security, IT, and DevOps teams to
collaborate effectively as they analyze shared data.
Expanding your use of the Insight platform to include multiple solutions is easy. Once your data collectors are
installed, launching new Insight products is just a few clicks away.
Integrate Seamlessly
Get faster analysis, prioritization, and remediation with your existing tools. The Insight platform integrates
with your technology stack, acting as a force multiplier to already-deployed solutions.
Rapid7 powers SecOps not only through technology, but also by giving you access to experts that were once in your
shoes. Our managed and consulting services extend the reach of your team, while our industry research, reports, and
open source tools constantly feed the Insight platform—and you—with new insights.
Rapid7 stems from nearly two decades of active research, a constantly expanding vulnerability and exploit database,
Rapid7’s Metasploit project, the learnings from our threat hunting team, and the thousands of penetration tests we
conduct every year.
EXPERIENCE THE
INSIGHT PLATFORM NOW
Try the Rapid7 Insight platform now—for free.
Power up your SecOps practice at www.rapid7.com/try/insight.
REDUCE
RISK
Attackers look for your weakest links. Think like them to find your gaps before they do.
Find and strengthen the weak points across your ecosystem and build a superior security program with confidence using our suite of
threat management solutions.
REDUCE RISK
InsightVM
Live vulnerability management for understanding risk in your modern network
Automatically collect, monitor, View real-time risks and leverage Cloud-powered analytics and
and analyze vulnerabilities as your custom views tailored to your users, end-to-end remediation workflows
network changes across cloud, virtual, automatically prioritized based on connect seamlessly with IT, making it
and containerized environments. the attacker’s point of view. easy to track the progress of each fix.
The modern network is no longer simply composed of servers and desktops; remote workers, cloud and virtualization, containers, and
mobile devices mean your risk exposure is changing every minute. Utilizing the power of Rapid7’s Insight platform and the heritage
of our award-winning Nexpose solution, InsightVM provides a fully available, scalable, and efficient way to collect your vulnerability
data, turn it into answers, and minimize your risk.
Is your vulnerability data up to date? InsightVM uses the lightweight Insight Agent and direct integrations into cloud and virtual
services to automatically collect, monitor, and analyze your network for new and existing risk.
InsightVM evolves with your shifting vulnerability management program. By using a library of Threat Exposure Analytics and threat
feeds built by our research teams, it provides actionable live dashboards to illustrate your risk posture and where you need to focus
to have the biggest impact.
InsightVM lets you create and manage remediation responsibilities directly—thereby improving communications between IT and
security—to make fixing problems less confusing and more efficient. This includes integrating with leading ticketing solutions like JIRA
and ServiceNow. To put it simply, we get the right info to the right people, so everyone can get more done.
“Point solutions” are a thing of the past—a modern security program is an ever-changing ecosystem of information and products
working together to get smarter and improve each other’s ROI. Rapid7’s dedicated integrations team ensures that InsightVM is a
foundational source of intelligence for the rest of your security program.
Metasploit
Penetration testing software for offensive security teams
VERIFY
UNCOVER MAXIMIZE
PROGRAM
WEAKNESSES IMPACT
SUCCESS
Find the vulnerabilities that attackers Test and harden people, Validate that the steps
would actually use by simulating processes, and technology put in place to fix or mitigate
real-world attacks. in order of potential impact on flaws are effective.
risk reduction.
Attackers are always developing new exploits and attack methods. Metasploit penetration testing software helps you use their own
weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to
train your security team to spot and stop the real thing.
Metasploit Pro makes it easy to collect and share all the information you need to conduct a successful and efficient penetration test,
with insights fed by a massive community of contributors and testers around the world.
Our penetration testing software simulates complex attacks against your systems and users so you can see what a bad guy would
do in a real attack and prioritize the biggest security risks. Test every company’s biggest weakness—the users—with easy-to-create
phishing campaigns, and automate common hacking strategies like pass the hash so your defenses can mirror attackers’ tactics.
Metasploit Pro emulates several steps in the kill-chain so you can be confident your security controls are working and will catch
attackers in a real-world incident. Plus, use InsightVM alongside Metasploit Pro to verify your scan results, see which vulnerabilities are
exploitable in the real world, and determine where to focus your efforts.
InsightAppSec
Deploy apps, not risk
Application security testing that Find SQL injection, XSS, CSRF Share actionable insights that
keeps pace with fast moving vulnerabilities, and much more with result in the right fix.
development teams. over 90 categories of attacks.
Find and fix your web application vulnerabilities before they become security or compliance risks
The pace of application development is accelerating—is your web application security testing keeping up? InsightAppSec gets you
up and running quickly, with little to no learning curve, and is powered by a DAST (Dynamic Application Security Testing) engine that
delivers high quality results right out of the box.
Save time by automatically crawling and testing your traditional and modern web apps and APIs, including SPAs (Single Page
Applications) and those built with javascript frameworks. Find every weak point in your applications with InsightAppSec’s 90+
categories of attacks, securing against way more than just the OWASP Top 10.
Execute scans throughout the SDLC (Software Development Lifecycle), analyze results, and share insights with speed and accuracy so
your security doesn’t lag behind or delay application development.
InsightAppSec leverages the power of the Rapid7 Insight platform to address any organization’s application security need, no matter
how big or small.
Live vulnerability view gets you to the vulnerabilities you are most concerned about, across scans and application instances, quickly.
Compliance reports, interactive HTML reports with Attack Replay, and our fully supported JIRA ticketing integration help you
confidently keep your business stakeholders informed and set your app developers on the fast path to remediation.
InsightPhish
Phishing identification, analysis, and simulation
CATCH
CAST CLASSIFY
POTENTIAL
SIMULATIONS IOPs
ATTACKERS
Safely simulate phishing attacks to train Empower employees to easily Quickly identify and respond to
employees, quantify risk, and harden report suspected phishing attacks with analysis powered by key
workforce resiliency. attempts directly from their Indicators of Phishing (IOPs).
email clients.
Developed by the minds behind Metasploit, InsightPhish empowers you to improve your defenses without capturing credentials or
infecting targets. By allowing users to report suspected phishing attempts with a single click, improving users’ ability to identify and
avoid phishing emails, and seamlessly notifying your entire organization of confirmed attacks, you can quantify and decrease your
organizational risk.
InsightPhish safely simulates sophisticated phishing attacks within your domain to train employees and improve workforce resiliency.
This enables you to improve your defenses without capturing credentials or infecting targets.
InsightPhish empowers your employees to report suspected phishing attempts with one click by integrating directly with their email
clients. Key Indicators of Phishing (IOPs) are automatically identified and accelerate the analysis of suspected attempts.
Once a malicious phishing campaign has been identified, InsightPhish enables you to immediately notify your organization; this rapid
response limits the impact of the campaign.
Track the number of employees engaging with and reporting phishing attempts over time to understand your risk—past and present.
This data can then be used to monitor the progress of your organization’s security posture.
DETECT
ATTACKS
Get rid of that pit in your stomach—the one that knows you’ve been breached.
When a breach is happening, time matters. Rapid7 offers a solution that provides the context you need to relentlessly hunt threats and nip
them in the bud before they do harm.
User Behavior Analytics (UBA) and Attacker SIEM, Bundled with Native EDR Agent and
Behavior Analytics Deception Technology
Detect intruders early in the attack chain, no matter how they Not all traces of an attacker are hidden in your log
got in. Spend less time investigating false-positive alerts and data. InsightIDR comes with both the Insight Agent and
more time actively improving security. deception technology to identify what’s really happening.
DETECT ATTACKS
DETECT ATTACKS
InsightIDR
Detect intruders earlier in the attack chain
Augment reach across your entire Detect intruders earlier in the attack Uncover insight hidden in user
ecosystem to find intruders early and chain so you can respond before activity, logs, and endpoints to make
get more from existing investments. critical data is compromised. investigations 20x faster.
Parsing hundreds of false-positive alerts. Managing a growing mountain of data. Manually forwarding information from your
endpoints. Forget that. InsightIDR arms you with the insight you need to make better detection and response decisions, faster.
InsightIDR applies both User and Attacker Behavior Analytics to your existing security and network investments. Whether it serves
as your SIEM or augments existing workflows, your team will detect malicious behavior across the entire attack chain, leaving
attackers nowhere to hide.
Compromised credentials and lateral movement are consistently the top attack vectors behind breaches. Can you detect intruders
impersonating as employees today? With InsightIDR, you will know about malicious insiders and compromised employees, before
they reach critical assets.
InsightIDR doesn’t just alert on every anomaly in your data haystack. Thanks to our cloud architecture and Threat Intelligence Core,
new detections continually release with low false-positives and high supporting context. The result: alerts you want to know about,
filled with the context you need to take action.
RAPID7 POSITIONED
HIGHEST AMONG
VISIONARIES FOR ABILITY
TO EXECUTE.
—G a r t ne r 2 0 1 7 M a g i c Q ua d r a nt fo r S e c ur i t y
I nfo r m a t i o n a nd E v e nt M a na g e m e nt ( S I E M )
With limited resources and a growing network of integrated systems, today’s teams are overwhelmed by the number of assets and applications to monitor
and troubleshoot. Rapid7 has solutions to centralize your data and orchestrate workflows to automate time-intensive processes.
OPTIMIZE OPERATIONS
InsightOps
A simple approach to infrastructure monitoring and troubleshooting
Collect data from any source, Proactively monitor systems and Ask questions of your data and get
in any format. applications to ensure uptime. immediate answers.
Preventing infrastructure downtime is fundamental to maintaining business operations. With real-time alerts and out-of-the-box
dashboards, InsightOps gives you the visibility needed to ensure uptime.
Maintain compliance
Maintain corporate and regulatory compliances with secure log centralization, monitoring, and reporting.
Improve performance
Misconfigured assets and capacity issues can reduce the availability and performance of your critical systems and services. With
asset interrogation and live alerts, it’s easy to spot asset misconfigurations and assets reaching maximum capacity.
Collect and store live log data from servers, workstations, applications, firewalls, routers, Active Directory, and more. Centralize your
infrastructure data securely and in real time to identify issues and monitor changes more easily.
IT issues rarely start and end in the same place. InsightOps combines log management with asset analysis, empowering DevOps and
IT professionals to monitor and troubleshoot issues from discovery to resolution.
By year-end 2020, 15% of organizations
with a security team larger than five
people will leverage SOAR tools for
orchestration and automation reasons,
up from less than 1% today.
Komand
Do more with less. Connect your tools to accelerate security and IT processes.
Build workflows to streamline Connect your technology stack Leverage your team’s expertise
manual tasks and allow your team to for a clearer understanding of to analyze, decide, and speed up
do more, faster. your security landscape. manual tasks.
What if you could take your security playbook, easily connect it to your tools, and automate it while still employing human insights when needed?
With Komand by Rapid7, you can do all that and more with fast time-to-value via powerful plugins and workflows that accelerate detection,
response, and remediation.
Create powerful security automation with connect-and-go workflows. The Komand building blocks make it easy to construct workflows anytime,
anywhere, with any skill level.
Connect your existing security tools with our library of plugins, or import your own plugins for an integrated, extensible security infrastructure that
communicates better. Automated escalation processes will empower your team to respond to threats faster, with more detailed analysis.
Komand streamlines repetitive, manual security processes into cohesive and automated workflows. As a result, your team can focus their efforts
and expertise where it’s needed most in the business. You’ll go from overwhelmed to operating efficiently in no time.
Automate manual, time-consuming processes while retaining decision-making power. Add human decision points to the automation workflow and
empower your team to provide expert insight when it’s most critical.
RAPID7
CONSULTING
RAPID7 CONSULTING
Rapid7 Consulting offers the support and guidance of industry leaders and security specialists to help you accelerate your security
improvement via cutting-edge methodologies and risk prioritization.
Advisory Services
Overwhelmed. Understaffed. Unprotected. Sound familiar? Don’t sweat it! Many security teams can’t free up the time and resources
necessary to analyze their security program, or uncover the insight they need to improve it. Rapid7 Advisory Services can help you not
only get unstuck, but also move forward with confidence. Our Advisory Services were designed with your realities in mind, built to help
you prioritize your security initiatives, and ensure your program meets compliance, exceeds best practices, and is aligned with your
organization’s risk appetite and business goals.
A ruthless report on your many weaknesses is a good thing. Using Metasploit—the world’s most used penetration testing software—our
practiced, perceptive pen testers will simulate a real-world attack on your networks, applications, devices, and/or people to uncover
weaknesses from the perspective of a motivated attacker to show you what areas of your security program could use a little (tough) love.
Incident response is about as sure as death and taxes. Make sure you’re ready with Rapid7 Incident Response Services. Our team of IR
experts can help you build a response plan from the ground up, create a roadmap for improving your existing plan, or, for teams short on
IR resources, work with you through every stage of response—from analysis and detection to containment, remediation, and cleanup—to
accelerate your investigation and containment.
As the Internet of Things grows, the need to secure it should grow at the same pace. Whether you’re creating a new IoT product or
deploying an IoT solution, our IoT Security Services provide experienced and skilled consultants to help you identify risk and vulnerabilities
and apply solutions to mitigate security issues across the entire IoT ecosystem.
Prefer to do things in-house? Rapid7 has skilled resources ready to help you get the most out of your product investments. Whether you
need product training, deployment assistance, help running the software, technical support, or expert guidance on your overall security
program, we’re here to help.
ABOUT RAPID7
Rapid7 is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics
transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications.
Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log
management for organizations around the globe. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.
CONTACT US OR CONNECT WITH US
twitter.com/rapid7