Rapid7 Announces Interoperability with HP ArcSight ESM to Help Organizations Mitigate and Respond to Security Incidents Faster and More Effectively
UserInsight and Nexpose Connect with Leading Security Information and Event Management Solution so Security Professionals can Quickly Detect and Investigate Threats and Attacks
BOSTON, MA – September 9, 2014 – Rapid7, a leading provider of security analytics software and services, announced that its innovative incident detection and response solution, Rapid7 UserInsight, is now interoperable with HP ArcSight ESM. The combination of these two advanced technologies enables security operations professionals to detect, investigate, and respond to security threats targeting a company’s users more quickly and effectively.
Data collected and correlated from HP ArcSight can now be easily fed into Rapid7 UserInsight to detect and investigate compromised credentials, phishing attacks, and suspicious behavior. UserInsight can feed these alerts back to HP ArcSight ESM for further correlation and visibility leveraging HP ArcSight as the single pane of glass for security activities in a company’s Security Operations Center (SOC).
Compromised credentials are the most common attack vectors according to the Verizon Data Breach Investigations Report 2014. With credentials, attackers can pose as genuine users and move laterally through the network, and this has traditionally been very difficult to detect. In addition, malicious insiders pose a similar challenge to detection. UserInsight addresses these challenges, giving users greater confidence in their network security in an easy-to-deploy technology that integrates with their existing Security Information and Event Management solution.
This interoperability builds on the existing technology partnership between Rapid7 Nexpose and HP ArcSight. Vulnerability data from Nexpose scans feeds into HP ArcSight ESM so users can create alerts, raise alarms, or take other operational actions when attacks are happening on assets affected by vulnerabilities. This provides more insight into the current risk state of an organization’s infrastructure.
“In the current threat environment, detecting and reacting to security incidents quickly to minimize impact is just as important as reducing the likelihood of them happening in the first place,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “The interoperability of Rapid7’s solutions with HP ArcSight ESM enables security professionals to do both faster and more effectively.”
Both technologies will be showcased at HP’s annual enterprise security user conference, HP Protect, taking place this week from September 8-11 in Washington, D.C. Visit Rapid7’s booth #522 to learn more. These capabilities are available immediately to HP ArcSight and Rapid7 UserInsight or Nexpose customers.
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.
About Rapid7 UserInsight
Rapid7 UserInsight helps security professionals quickly and easily detect and investigate incidents. Only UserInsight can combine context from users, endpoints, mobile, and cloud services with advanced detection techniques, such as honeypots, to help security teams respond to these types of attacks. UserInsight works by automatically detecting breaches and lateral movement inside the network perimeter. By creating a baseline of “typical” behavior for each user, UserInsight can identify unusual or suspicious behavior. This enables it to detect user account compromises with high accuracy and adds needed user context to any investigation. When a compromise is detected, UserInsight simplifies incident investigation because of its unique capability to easily show the relationship between incidents, users and assets. Security teams get a comprehensive view into user activity before and after any possible incident without the need to manually correlate logs. Incident responders can quickly identify other users who may have been impacted by the same attack.
About Rapid7 Nexpose
Rapid7 Nexpose is the only vulnerability management solution that analyzes risk across vulnerabilities, configurations, and controls with awareness of the threat landscape across the modern network. Users can efficiently manage vulnerabilities found in operating systems, Web applications, and databases, as well as identifying misconfiguration issues, all in one solution with over 52,000 vulnerabilities and 130,000 vulnerability checks. The unique Metasploit integration, RealRiskTM score, and contextual business intelligence make Nexpose the most effective vulnerability management solution for finding the “who, what, and where” of your risk, and driving prioritized remediation. Use Nexpose to improve your overall risk posture and comply with regulations, including security requirements for PCI, CIS, HIPAA, HITECH Act, FISMA (including SCAP Compliance), Sarbanes-Oxley (SOX), and NERC CIP.
Verizon 2014 Data Breach Investigations Report: http://www.verizonenterprise.com/DBIR/2014/