Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Increased visibility and control for cloud and mobile environments

Rapid7 : 22 November, 2013  (New Product)
UserInsight from Rapid7 enables security professionals to have greater visibility and control of cloud and mobile network user behaviour
Increased visibility and control for cloud and mobile environments

Rapid7 has announced the general availability of its cloud application and user risk management solution, Rapid7 UserInsight, as well as several enhancements to its information-driven security analytics portfolio. With these innovations, Rapid7 is the first and only security analytics provider to offer visibility into user behaviour across on-premises and cloud networks, to integrate phishing exposure information into user risk assessment, and to deliver fully closed-loop vulnerability validation for prioritising risk.

"Security professionals are challenged with a lack of visibility and control due to the expanding use of cloud, mobile and social technology. At the same time, they face an increasingly effective and deceptive adversary," said Lee Weiner, senior vice president of products and engineering at Rapid7. "With this portfolio update, we're addressing these critical issues by making use of our unique knowledge of attacker methodologies and providing unprecedented visibility into both the managed and unmanaged IT environment. We're enabling security professionals to see risk like never before, prioritise action based on known patterns of attack, and test the impact of their action."

Managing User Risk

Evolving IT usage models, such as the proliferation of cloud services, adoption of employee-owned smart phones, and an increasingly "social" business, have resulted in an organisation's trusted users representing considerable risk. Rapid7 UserInsight uniquely addresses this concern by monitoring user activity across on-premise, cloud, and mobile environments to provide comprehensive visibility, more effective incident response, and detection of compromised credentials.

Through native integration, security teams can see beyond the corporate network to activity with key cloud services, such as Salesforce and Box. Access to these cloud-based business services from personal devices is monitored as effectively as access from within the firewall. And now users can gain even greater insight into user risk by integrating data from phishing campaigns conducted through Rapid7 Metasploit Pro.

Metasploit Pro measures the effectiveness of security awareness trainings by running simulated phishing campaigns. The results of these campaigns are now integrated into UserInsight, where they are presented in the context of a broad view of user risk that includes visibility into user activity and detection of compromised credentials across on-premise, cloud and mobile environments. Only UserInsight offers this comprehensive capability.

With comprehensive insight into user activity, security professionals can greatly reduce the time required to identify compromised users and investigate risks to the network. UserInsight was showcased at Rapid7's user conference, UNITED, and is now available for general purchase.

Superior Vulnerability Management Through Vulnerability Validation

Metasploit Pro 4.8 also offers a deeper integration with Rapid7 Nexpose for validating vulnerabilities, enabling IT teams to identify critical risks by confirming a vulnerability's exploitability in the context of an organisation's environment. The integration includes a simpler workflow for validation and enhanced reporting capabilities. Only Rapid7 solutions offer closed-loop vulnerability validation, importing existing scan data from Nexpose into Metasploit, and returning validated results back to Nexpose for management and reporting. Nexpose administrators can easily group together assets that have validated vulnerabilities, allowing for efficient remediation.

Metasploit is the most popular open source penetration testing platform, constantly updated with exploits found in the wild by the community. This provides real-world threat insight for Nexpose users, who are able to benefit from the only closed-loop, streamlined integration of penetration testing and vulnerability management.

Effectiveness of Endpoint Controls

Rapid7 ControlsInsight enables security professionals to audit the effectiveness of their security controls for the endpoints deployed across their organisation. The new version, ControlsInsight 2.1, introduces new trending capabilities for tracking and communicating controls deployment trends. This means security professionals can now demonstrate progress in reducing risk across the organisation.

The new capabilities are available for individual security controls and make use of Rapid7's patent-pending threat model to provide security grades within the solution. Individual controls trending provides visibility into the assets covered by each control over time, while security grade trending analyses the effectiveness of controls already in place at defending against threats. Security professionals can access these new capabilities using interactive trending charts within the solution, or by integrating trending data into other tools via the open API.

Launched in August, ControlsInsight is already helping customers across a wide variety of industries including healthcare, legal and aerospace to increase the effectiveness of their security programs.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo