Rapid7 Unveils Active Response within its Managed Detection and Response Service
Security teams face unprecedented challenges as the threat landscape increases in scope and complexity. Attacks have become more frequent, and the burdens placed on security teams by a predominantly remote workforce have opened the door for opportunistic attackers leveraging stolen credentials. Protecting the organization in today’s environment has led to increased analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.
With Active Response, Rapid7 MDR experts will take action on behalf of a customer day or night, providing real-time updates through email, text, ChatOps, phone, and within InsightIDR, the company’s cloud-native incident detection and response solution. Customers have the flexibility to collaborate with MDR responders and can create configurations and guidelines for any response action.
“Increasingly, organizations are looking to augment their security programs with managed services,” said
Leveraging Rapid7’s MDR team, combined with the company’s industry-leading security orchestration and automation (SOAR) solution, InsightConnect, Active Response uses advanced workflows to contain specific users or endpoints after validating an incident. Additional key benefits include:
- 24x7 End-to-End Detection and Response. Rapid7’s MDR experts take action at any time, day or night, after validating threats to initiate countermeasures to contain the attacker.
- On-premise and remote user and host containment. Active Response contains compromised endpoints or user accounts within minutes of finding a threat to prevent malware propagation, cut off lateral movement, or stop data exfiltration attempts.
- Configurations and guidelines for any response action. Customers can create containment guardrails to prohibit response actions to critical servers, users, or devices.
- Flexibility to collaborate with MDR responders. Customers have the option to be hands-off or to collaborate with the Rapid7 team in order to accelerate or cancel containment actions via ChatOps integration.
- Consistent communication and notifications. Real-time updates are sent through a variety of communication platforms, including Slack, phone, email, or text. Every action is then recorded within the InsightIDR investigation, giving customers access to an audit trail.
Rapid7’s MDR with Active Response offering is now available for MDR Elite customers.
To learn more about Rapid7’s managed service offerings, which were recently named a Leader in “The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020” report, please head to: https://www.rapid7.com/info/mssp-wave/.