SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Rapid7 unveils new capabilities for InsightCloudSec offering
Wed, 27th Jul 2022
FYI, this story is more than a year old

Rapid7 has added new layered context capabilities to its InsightCloudSec offering to give security teams a consolidated, unified, real-time view of risk signals.

InsightCloudSec is Rapid7's fully-integrated cloud-native security platform (CNSP), and adding this functionality includes giving users visibility into misconfigurations and public exposure across their environment.

The company notes that security teams are struggling to keep up with the adoption of cloud technologies within their organisations and, as a result, often have to stitch together multiple point offerings.

Rapid7 says that this leaves teams with a limited understanding of the risks in their cloud, such as services, hosts, containers and serverless environments, making it time-consuming and challenging to reduce and manage vulnerabilities.

Adding layered context will also give organisations a consolidated, resource-oriented view of the most pressing risks in their environment, allowing them to more effectively prioritise and remediate issues.

"Security teams face growing challenges as cloud adoption increases in speed and complexity," Rapid7 chief innovation officer Lee Weiner says.

"In order to enable secure adoption of cloud technologies, security teams need the right context and visibility around their security data.

"With layered context, security teams are provided a unified, contextualised view of their risk in a single place, ultimately enabling companies to accelerate and innovate at scale."

The complete list of benefits that InsightCloudSec's layered context capabilities offer includes:

Context-driven risk assessments

See all the context you need in a single place to help speed up prioritisation, notification, and remediation of the most significant risks in your environment.

Up-to-the-minute insights

Get agentless, real-time visibility into configuration changes, vulnerabilities, and suspicious behaviours in your cloud environment within minutes without fear of rate limiting.

Streamlined asset and policy management

Benefit from a unified data model that standardises your asset inventory, allowing your team to consolidate policies across providers and throughout the development lifecycle.

The upgrade to InsightCloudSec's functionality comes after Rapid7 released the Ransomware Data Disclosure Trends report, providing new insight into how attackers think when carrying out cyber attacks, along with further analysis of the disclosure layer of double extortion ransomware attacks.

The report involved researchers using proprietary data from the clear, deep, and dark web to find out more information on the types of data attackers disclose to coerce victims into paying a ransom.

The researchers further explored in detail the trend of double extortion. This was pioneered by the Maze ransomware group, causing harm to many.

The method not only involves threat actors holding data hostage for money, but they also threaten to release that data (either publicly or for sale on dark web outlets) to extract even more money from companies.

The company says that threats and attacks like this have caused billions in losses across nearly every industry around the world and have also stopped the flow of critical infrastructure like healthcare services, therefore often putting lives at risk.

Using proprietary data collection tools to analyse the disclosure layer of double-extortion ransomware attacks, the Rapid7 research identified the types of data attackers initially disclose to coerce victims into paying ransoms.

The most significant changes were seen in the pharmaceutical, financial service, and healthcare sectors.