Working with thousands of security and risk professionals across the globe, we know that complexity is the top challenge SOCs are facing today. As the attack surface rapidly expands, security teams need more effective ways to keep pace with digital transformation and get out of the cycle of constant reactive fire drills.
So, we have expanded endpoint protection within our leading MDR service, Managed Threat Complete, to include native next-generation antivirus (NGAV) and DFIR powered by our universal Insight Agent.
Building on the powerful vulnerability scanning, high efficacy threat detections, and rapid containment we deliver on the endpoint today, these new capabilities help unlock critical efficiency and consolidation teams need to gain control over their dynamic attack surface.
We’re also excited to integrate Velociraptor directly into InsightIDR. The integration empowers security teams to easily collect, query, and monitor virtually any aspect of their endpoint fleets with leading digital forensics and incident response (DFIR) technology and playbooks. Already a key tool used by our Incident Response consultants in every single Incident Response engagement, customers can now experience the power and insight Velociraptor brings on the endpoint, directly in the product.
Plus, Velociraptor now uses an expressive query language (rather than code), which makes it faster and easier to share custom detections with the open source community. This helps SOC teams root out new threats more quickly, while demonstrating our continued support to open source.
Rapid7 MDR: Full coverage, single trusted partner
A Gartner study found that 75% of organizations pursued security vendor consolidation in 2022, up from 29% in 2020. And we understand why. Rapid environment expansion and constantly escalating threats—combined with a growing skills gap—have left security professionals on their heels and over-indexed on reactive measures alone. Adoption of point solutions to keep up change has resulted in more noise, inefficiency, and burnout. Previous SecOp approaches are broken - there has to be change.
Rapid7 tackles complexity head-on with a more proactive approach to security operations. By unifying relevant exposure management, external threat intelligence, and now prevention capabilities we are able to get ahead of risk and eliminate breaches earlier. This also reduces the noise and alerts downstream, enabling high efficacy threat detection, and accelerated response. With Rapid7, customers can feel confident they are covered from endpoint to the cloud, across both known and unknown threats.
While the attack surface grows, endpoints remain a critical foot in the door and target for attackers. Rapid7 delivers full threat lifecycle coverage on the endpoint via our lightweight agent, including:
- Anticipate threats to prevent breaches earlier with leading vulnerability management and Next-Gen Antivirus.
- Rich telemetry, unique intelligence, and curated content drives high efficacy detections.
- Full kill chain visibility and streamlined automation contain threats faster than ever.
- Robust forensic insights for expedited investigations and advanced hunting powered by Velociraptor.
Looking Ahead: Proactive Ransomware Prevention
As Rapid7 continues to invest in the most complete endpoint solutions, it will be addressing one of the most pervasive threats organizations face today: ransomware. Leveraging a patented approach from the integrated Minerva technology, these future capabilities will be able to recognize the earliest signals and behaviors to identify and intercept headline-making attacks before they are able to execute.
Rapid7’s incident response team is currently using this technology in the field, and soon these powerful capabilities will be available to rapid7 MDR customers. You can learn more about how Rapid7 protects endpoints here.
Source: Rapid7
Source Link: https://blog.rapid7.com/2023/10/02/proactively-prevent-breaches-with-expanded-endpoint-protection-in-rapid7-mdr/