Rapid7, Inc. announced that its Managed Detection
and Response (MDR) service now includes multi-layered endpoint prevention and
forensics capabilities powered by its Insight Agent.

The Insight Agent already delivers powerful vulnerability scanning, high-efficacy
threat detection, and swift containment activities. With the addition of
next-generation antivirus (NGAV) and Velociraptor's digital forensics and
incident response (DFIR) capabilities, customers will be able to further
consolidate and maximize their investment by reducing complexity, increasing
efficacy, and driving efficiency with core endpoint protection use cases.

"As SOC teams face an expanding attack surface from the endpoint to the cloud, it's
easy for them to become trapped in a cycle of reactive processes, leading to
burnout, and, at times, recurring breaches as a result of failing to
fully remediate previous events," said Jeremiah Dewey, Senior Vice President of
Managed Services and Product Delivery, Rapid7. "Our MDR customers will now
benefit from additional reductions of endpoint security cost and complexity
within their SOC. The integration of DFIR from Velociraptor and next-generation
antivirus helps customers gain control over the dynamic attack surface and
increase levels of security protection."

The DFIR capability now available on the Rapid7 agent leverages the Velociraptor
open source community for real-time detection and eradication of threats. By
using an expressive query language rather than code, Velociraptor makes it
faster and easier for security professionals to share custom detections,
strengthening the knowledge of the community and helping teams to root out new
threats more quickly.

With this expansion, Rapid7 can deliver full threat lifecycle coverage from exposure
assessment to prevention to high-efficacy detection to containment and
remediation. Rapid7 is continuing to invest in the most complete endpoint
solutions to address one of the most pervasive threats organizations face today:
ransomware. The company plans to include capabilities from its acquisition of
Minerva Labs Ltd. to build on its ability to identify and prevent advanced
attacker behaviors to block malware before execution.