SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Rapid7 unveils new capabilities to simplify CDR at AWS event
Thu, 1st Dec 2022

Rapid7 is showcasing a range of new capabilities at Amazon Web Services (AWS) re:Invent 2022, designed to make cloud detection and response (CDR) and vulnerability assessments easier.

Rapid7 notes that companies across all industries are migrating to the cloud at unprecedented speed to foster innovation, scale and digital transformation, and that without purpose-built risk assessments and threat detection in the cloud, enterprises will have difficulty effectively securing their businesses across a modern attack surface.

"Now, more than ever, security teams need to stay on their toes," says Lee Weiner, Cloud Security Senior Vice President and Chief Innovation Officer, Rapid7.

"They need to continuously monitor an increasingly complex threat landscape in real-time while securely scaling their cloud footprint in line with their business needs.

"By uniting cloud risk and threat detection, Rapid7 is delivering enhanced scale and time-to-value, helping customers secure their businesses with both speed and precision."

At this year's Las Vegas event, Rapid7 is demonstrating new capabilities on the Insight Platform that make it easier to provide an added layer to manage risks and eliminate threats on AWS.

These include:

Agentless vulnerability assessments

An agentless vulnerability assessment provides security teams with robust, continuous visibility into the vulnerabilities in their cloud environments without requiring anything to be installed onto individual machines.

Cloud detection and response capabilities

Rapid7's new capabilities natively identify suspicious events in real time and compile third-party threat findings to give security teams more accurate and effective alerts when an active threat is present in their environment.

"Combined, these new capabilities and integrations solve our customers' biggest cloud security pain points," Weiner says.

"These innovations deliver a unique value proposition that combines our agentless approach, real-time visibility, and rich unified context so customers can more effectively operationalise their cloud security programs."

Rapid7 fosters strong results through its continued collaboration with AWS, which also provides customers with support for the newest AWS security services as they are released.

The new offerings featured at AWS re:Invent 2022 include:

AWS Verified Access

This new VPN-less authentication service integrates with Rapid7's Insight Platform, allowing AWS customers to give employees secure access to private apps running on AWS while enforcing zero trust policies.

In addition, Rapid7 will have the capacity to ingest logs from AWS Verified Access, offering customers complete visibility into who is accessing private apps so that any suspicious activity can be investigated.

Amazon Security Lake

This all-new service centralises an enterprise's security data from cloud, on-premises, and custom sources into a customer-owned, purpose-built data lake.

The new offering will equip customers with the means to bring together all their AWS and third-party security logs in one place and in the Open Cybersecurity Schema Framework (OCSF).

Further, those logs will be available to third-party tools, allowing Rapid7 customers to send multiple types of logs to the Insight Platform through a single integration, which will help to simplify the initial onboarding and ongoing maintenance.

"Amazon Security Lake helps organisations aggregate, manage, and derive value from log and event data to give security teams greater visibility across their organisations," says Rod Wallace, General Manager, Amazon Security Lake.

"Rapid7's integration with Amazon Security Lake will give customers the ability to run advanced analytics on AWS and third-party logs with Rapid7 InsightIDR.

"This will help customers address a variety of security use cases such as threat detection, investigation, and incident response."