Rapid7, a leading provider of security analytics software and services, today announced that its innovative incident detection and response solution, Rapid7 UserInsight, is now interoperable with HP ArcSight ESM. The combination of these two advanced technologies enables security operations professionals to detect, investigate, and respond to security threats targeting a company's users more quickly and effectively.
Data collected and correlated from HP ArcSight can now be easily fed into Rapid7 UserInsight to detect and investigate compromised credentials, phishing attacks, and suspicious behavior. UserInsight can feed these alerts back to HP ArcSight ESM for further correlation and visibility leveraging HP ArcSight as the single pane of glass for security activities in a company's Security Operations Center (SOC).
Compromised credentials are the most common attack vectors according to the Verizon Data Breach Investigations Report 20141. With credentials, attackers can pose as genuine users and move laterally through the network, and this has traditionally been very difficult to detect. In addition, malicious insiders pose a similar challenge to detection. UserInsight addresses these challenges, giving users greater confidence in their network security in an easy-to-deploy technology that integrates with their existing Security Information and Event Management solution.
This interoperability builds on the existing technology partnership between Rapid7 Nexpose and HP ArcSight. Vulnerability data from Nexpose scans feeds into HP ArcSight ESM so users can create alerts, raise alarms, or take other operational actions when attacks are happening on assets affected by vulnerabilities. This provides more insight into the current risk state of an organization's infrastructure.
"In the current threat environment, detecting and reacting to security incidents quickly to minimize impact is just as important as reducing the likelihood of them happening in the first place," said Lee Weiner, senior vice president of products and engineering at Rapid7. "The interoperability of Rapid7's solutions with HP ArcSight ESM enables security professionals to do both faster and more effectively."
Both technologies will be showcased at HP's annual enterprise security user conference, HP Protect, taking place this week from September 8-11 in Washington, D.C. Visit Rapid7's booth #522 to learn more. These capabilities are available immediately to HP ArcSight and Rapid7 UserInsight or Nexpose customers.
1 Verizon 2014 Data Breach Investigations
Rapid7 UserInsight finds the attacks you're missing by detecting and investigating indications of compromised users from the endpoint to the cloud. UserInsight detects attackers even when they are hiding behind stolen user credentials - today's most common attack tactic. It can complement your existing monitoring technologies, increasing alert accuracy, providing a user lens to events, and detecting lateral movement and other commonly overlooked indicators. With a sophisticated interactive incident timeline, UserInsight makes it easy to identify the impact of an incident and accelerate response with instant search of
Rapid7 Nexpose is the only vulnerability management solution that analyzes risk across vulnerabilities, configurations, and controls with awareness of the threat landscape across the modern network. Users can efficiently manage vulnerabilities found in operating systems, third-party software, Web applications, browsers and databases, as well as identifying misconfiguration issues, all in one solution with over 52,000 vulnerabilities and 130,000 vulnerability checks. The unique Metasploit integration, RealRisk™ score, and contextual business intelligence make Nexpose the most effective vulnerability management solution for finding the "who, what, and where" of your risk, and driving prioritized remediation across all your IT assets and environments. Rapid7 Nexpose's most advanced edition, Nexpose Ultimate, provides visibility and risk management across vulnerabilities, configurations and controls in a single unified solution, which enables IT security teams to effectively reduce risk with a deep understanding of the attacker mindset, business context and customized remediation reports. Use Nexpose to improve your overall risk posture and comply with regulations, including security requirements for PCI, CIS, HIPAA, HITECH Act, FISMA (including SCAP Compliance), Sarbanes-Oxley (SOX), and NERC CIP.
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.