SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

Rapid7 launches Intelligence Hub to streamline threat response

Today

Rapid7 has introduced Intelligence Hub, an integrated solution aimed at providing security teams with contextual and actionable threat intelligence for more efficient detection and response.

Intelligence Hub has been developed in response to ongoing issues confronting security operations teams, such as fragmented intelligence platforms, the absence of relevant context, and difficulties in threat prioritisation.

According to Rapid7, two-thirds of Security Operations Centre (SOC) analysts in a recent survey reported a significant increase in the volume of security alerts in the last three years. Furthermore, 70% of respondents noted that the number of security tools they use has also markedly increased.

The new Intelligence Hub delivers data that is curated by Rapid7 Labs, incorporating proprietary sources such as the company's honeypot data and exclusive research.

Rapid7 states that it rigorously verifies low-prevalence, high-impact threat indicators, reducing the likelihood of false positives. This allows security teams to automate more of their response processes and focus on the most pertinent threats.

The intelligence is delivered directly in the Rapid7 Command Platform, which enables high-fidelity, curated intelligence to be incorporated into the day-to-day workflow of security analysts. This integration is intended to ensure that actionable data is prioritised and can be trusted by those responsible for managing security incidents.

Raj Samani, Chief Scientist at Rapid7, said: "Security organisations are drowning in noise, making timely responses to threats nearly impossible. Intelligence Hub addresses this challenge by focusing on curated intelligence, providing only the most relevant and verified indicators to enable rapid and effective action."

Beyond the core offering of curated intelligence, Intelligence Hub includes contextual details intended to help security teams prioritise threats in light of their sector, geography, and vulnerabilities.

The platform also incorporates information regarding threat actors' tactics and techniques, and gives users a clear methodology for attributing potential attacks. Rapid7 reports this will help with targeted remediation and better allocation of resources within security teams.

The company has outlined several key benefits of its Intelligence Hub, including seamless integration with existing workflows.

For example, threat intelligence is provided directly within Rapid7's Command Platform tools, such as InsightIDR, to eliminate the need for context-switching and to speed up response times. Intelligence Hub is also designed to surface only the most relevant threats based on current attacker campaigns, the industries targeted, and the exploitability of vulnerabilities.

Additional features include the unification of global threat intelligence curated by Rapid7 Labs researchers from sources such as Rapid7 honeypots, open source communities, and proprietary research.

The intelligence is prioritised based on its relevance to individual customers' sectors, geography, and likely vulnerabilities, aiming to support more proactive security postures.

Feedback from industry analysts highlights ongoing challenges with threat intelligence solutions.

Monika Soltysik, Senior Research Manager at IDC, said: "In IDC's October 2024 survey of U.S. organisations, the top three challenges with threat intelligence solutions were cost (42.2%), false positives and alert fatigue (40.0%), and data quality and reliability (39.7%)."

"Solution providers that are proactively addressing these challenges, like Rapid7, are making it easier for their customers to understand and secure their attack surface."

With organisations increasingly struggling to manage the rising volume of security alerts and the complexity of multiple tools, Intelligence Hub is expected to support security teams by streamlining the delivery of trusted, relevant, and actionable threat intelligence within their existing operational platforms.
