Rapid7 launches the Command Platform

Rapid7 has launched its Command Platform, a unified threat exposure, detection, and response platform.

  • 3 months ago Posted in

 Rapid7’s AI-charged Command Platform allows customers to integrate their critical security data to provide a unified view of vulnerabilities, exposures, and threats from endpoint to cloud to close security gaps and prevent attacks. Rapid7 also announced the first two solutions on the Command Platform: Exposure Command, which helps organizations detect and prioritize exposures from endpoint to cloud, and Surface Command, which is designed to discover and provide deep visibility into the assets that the security team is responsible for protecting across their internal and external attack surface and is included with Exposure Command.

The Rapid7 Command Platform integrates native cloud and on-prem assessment with data from an organization’s ecosystem of IT, security, and business tools to help them take command of their attack surface and confidently discover, identify, prioritize, and remediate risk. The fully-integrated platform gives security operations teams greater visibility they can trust that was previously unattainable due to cost.

“Rapid7 customers now can have confidence in comprehensive visibility to truly monitor, manage, and measure exposures and threats across the entirety of their ecosystem with full business and environmental context — whether that data comes from Rapid7 or other providers — at an affordable cost,” said Corey Thomas, chairman and chief executive officer, Rapid7. “When you have trust in what’s happening in your environment, you can quickly zero in on the highest risk vulnerabilities and exposures to focus on the most critical assets that need attention.”

Exposure Command and Surface Command are foundational to Rapid7’s new Command Platform. With Exposure Command, organizations can now discover, assess, prioritize and remediate exposures across their attack surface, take action confidently on threats with assistance from veteran security experts, and drive tangible return on their investment and outcomes that make it easy to demonstrate success.

An essential part of Exposure Command, Surface Command is designed to enable organizations to eliminate blind spots and uncover security control gaps, proactively harden their attack surface with more complete context about identities and assets, and accelerate incident response teams with better data and perspectives.

Both of these solutions are priced at a disruptive all-in value so that security teams can see immediate return on their investment.

“Exposure Command and Surface Command are truly transformational for security teams,” said Craig Adams, senior vice president and chief product officer, Rapid7. “Not only do they eliminate guessing about what is taking place in your environment or which risk to tackle first, they free up the excessive time and money teams spend on a host of tools, manually piecing together inconsistent and disjointed reports to understand only a portion of their attack surface and security posture.”

Exposure Command

Exposure Command is designed to detect and identify exposures from endpoint to cloud. Exposure Command enables security operations teams to enrich continuous attack surface monitoring with deep environmental context and automated risk scoring to identify and remediate ‘toxic combinations.’ It also allows them to understand asset posture and ownership and enforce compliance with internal policies, industry best-practices and regulatory frameworks across hybrid environments, and avoid cloud risk before it reaches production with actionable feedback.

With Exposure Command, organizations can:

● Detect and Remediate Vulnerabilities Across a Hybrid Environment: continuously assess the entire environment for vulnerabilities and prioritize response based on the likelihood and potential impact of an exploit with purpose-built data collection approaches for cloud and on-prem environments.

● Enforce Organizational Standards and Compliance Policies: track adherence to organizational policies and regulatory standards with more than 50 compliance packs and thousands of security policy checks. Security operations teams can also notify relevant stakeholders and leverage native automation to enforce compliance at scale.

● Shift Cloud Security and Compliance Checks Left, Earlier in the Development Lifecycle: leverage Infrastructure as Code (IaC) scanning capabilities to implement the same security and compliance checks used in production earlier on in the continuous integration and continuous deployment (CI/CD) pipelines, identifying potential misconfigurations and non-compliant resources before they’re ever provisioned.

● Monitor Effective Access and Permissions Across All Clouds: continuously track accounts and their effective access across the organization, flagging overly-permissive roles, the potential for privilege escalation and automatically enforcing least privilege access (LPA) policies at scale.

● Identify Paths for Lateral Movement Across Cloud Environment: attack path analysis enables teams to visualize the relationships between interconnected cloud resources and uncover the potential for attackers to move laterally across the environment should they gain access to it.

Surface Command

Surface Command provides organizations with unified asset inventory - a more complete, vendor agnostic view of an organization’s internal and external attack surface. Surface Command breaks down data silos by combining comprehensive external attack surface monitoring (EASM) with cyber asset attack surface management (CAASM) across hybrid environments to build a dynamic, 360-degree view of an organization’s entire attack surface in one place.

Surface Command includes a library of more than 100 connectors feeding into Rapid7’s unified machine learning-driven correlation engine. Organizations can identify and mitigate exposures and potential threats with a risk-aware and adversary-driven view of their attack surface. This dynamic map of their digital estate from endpoint to cloud provides organizations with a holistic view of their attack surface.

With Surface Command, organizations can:

● Establish and Maintain a Single Source of Truth: unify and correlate asset inventory and identities across internal tooling and cross reference findings against regular external scans to understand their attack surface and establish a single source of truth across teams.

● Uncover Assets Lacking Proper Security Controls: recurring scanning to spot gaps in security coverage where assets are missing controls - such as endpoint security agents and vulnerability scans - and which identities have admin access or are missing multifactor authentication (MFA).

● Drive Accountability Across Teams: understand asset ownership and drive accountability when compliance standards aren’t met, providing clarity around which stakeholders to engage when remediation actions are required to security and governance, risk, and compliance (GRC) teams.

● Provide Full Context to Incident Responders: security analysts can more effectively prioritize ongoing threats by having asset, vulnerability, and security control context in one place to make decisions. They can also enable organizational wide threat hunts based on known asset information and tactics, techniques, and procedures (TTPs).

● Detect Shadow IT and Ungoverned Use of IT Resources: identify unknown users and assets connected to the network with necessary context to understand the relative risk and necessary remediation steps.

● Augment Configuration Management Database (CMDB) Tools and Assist with Asset Lifecycle Management: track technology adoption across the organization and leverage powerful native querying capabilities to gain deep insight, including if assets are still active, who owns them, and when they were last updated or modified.

54% of consumers don’t know how much personal data AI tools collect.
By Alan Jacobson, Chief Data and Analytics Officer, Alteryx.
Research finds that the industry is struggling with a growing resource and skills gap while...
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...