SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Rapid7 enhances MDR service with advanced endpoint prevention and forensic capabilities
Tue, 3rd Oct 2023

Rapid7 has announced a new enhancement to its Managed Detection and Response (MDR) service. Rapid7’s customers can now benefit from amplified endpoint prevention and forensics capabilities enabled by its Insight Agent.

The introduction of next-generation antivirus (NGAV) and Velociraptor’s digital forensics and incident response capabilities supplement the already robust feature set of the Insight Agent, which includes powerful vulnerability scanning, high-efficacy threat detection, and swift containment activities. This addition aims to boost customer investment by diminishing complexity, enhancing efficacy, and driving efficiency around core endpoint protection use cases.

Addressing the challenges of security operation centre (SOC) teams, Jeremiah Dewey, Senior Vice President of Managed Services and Product Delivery at Rapid7, said, “As SOC teams face an expanding attack surface from the endpoint to the cloud, it’s easy for them to become trapped in a cycle of reactive processes, leading to burnout, and, at times, recurring breaches as a result of failing to fully-remediate previous events.”

Dewey added, “Our MDR customers will now benefit from additional reductions of endpoint security cost and complexity within their SOC. The integration of DFIR from Velociraptor and next-generation antivirus helps customers gain control over the dynamic attack surface and increase levels of security protection.”

The digital forensics and incident response capability, now incorporated into Rapid7’s agent, employs the Velociraptor open-source community for instantaneous detection and elimination of threats. It uses an expressive query language, simplifying the process for security professionals to share custom detections. This serves to strengthen the collective knowledge of the community, facilitating the swift eradication of new threats.

In its effort to deliver full threat lifecycle coverage, Rapid7 goes beyond mere exposure assessment. It promises high-efficiency detection, containment, and remediation efforts. The firm continues to focus its resources on developing comprehensive endpoint solutions in response to increasingly persistent threats, such as ransomware.

Rapid7 plans to further improve its prevention capabilities, drawing on the strengths of its acquisition, Minerva Labs Ltd. The company intends to leverage this to expand its ability to identify and block advanced attacker behaviours and malware before they even execute.

In a digital landscape that remarkably intermingles risk and reward, Rapid7’s mission is to create a safer experience for all. By making cybersecurity more accessible and straightforward, the firm enables security professionals to manage modern threats speedily and with precision.