Rapid7 Announces Availability of Network Traffic Analysis Capabilities in InsightIDR
For security operations, detecting and responding to potential attacks has become increasingly complicated as organizations shift to the cloud and attack surfaces expand. Network Traffic Analysis gives security operations greater visibility into user and device activity across the network. Armed with increased device and network activity data, along with valuable user, log, cloud, and endpoint data in InsightIDR, security operations can now detect threats earlier and with more reliability while also speeding investigations.
This advancement comes on the heels of Rapid7’s InsightIDR being named a Leader in Gartner’s 2020 Magic Quadrant for Security Information and Event Management (SIEM). In the report, InsightIDR was recognized for its ease of deployment, ease of use, and strong return on investment.
“Network traffic analysis is an important capability for our customers because it gives security teams even greater visibility across the attack surface,” said
In addition to delivering a single hub for diverse security data sets, Rapid7’s approach to NTA is unique and differentiated for three reasons.
- Lightweight Insight Network Sensor
There’s no dedicated hardware appliance required to capture network data; instead, lightweight software is installed on a virtual machine or host providing flexible deployment and data capture. The sensor passively captures traffic through a traffic mirror - providing no disruption to network performance.
- Proprietary Deep Packet Inspection (DPI) Engine
InsightIDR’s NTA leverages a proprietary Deep Packet Inspection (DPI) engine to capture raw network traffic flows, extracting rich metadata. This approach drastically reduces data volume, but retains the critical data ideal for investigations, deeper forensic activities, and custom rule creation.
- Expert Curation of Alerts
Rapid7’s Managed Detection and Response (MDR) team curates a library of the most critical Intrusion Detection System (IDS) alerts for teams to focus on, helping cut down on noise and increase analysts’ confidence in taking action.
Customers that rely on Rapid7’s Managed Detection and Response services will also benefit from the NTA capabilities in InsightIDR.
To learn more about Rapid7’s NTA capabilities, please try the NTA demo.
Public Relations Manager
Vice President, Investor Relations