Rapid7 Launches Unified Threat Exposure, Detection, and Response Platform

Rapid7, Inc. has launched its Command Platform, a unified threat exposure, detection, and response platform. The new platform allows customers to integrate their critical security data for a unified view of vulnerabilities, exposures, and threats from endpoint to cloud to close security gaps and prevent attacks.

The Rapid7 Command Platform integrates native cloud and on-prem assessment with data from an organisation’s ecosystem of IT, security, and business tools to help them take command of their attack surface and confidently discover, identify, prioritise, and remediate risk. The fully integrated platform gives security operations teams greater visibility that they can trust, at a level previously unattainable due to cost.

“Rapid7 customers now can have confidence in comprehensive visibility to truly monitor, manage, and measure exposures and threats across the entirety of their ecosystem with full business and environmental context, whether that data comes from Rapid7 or other providers, at an affordable cost,” said Rapid7 Chairman and CEO Corey Thomas. “When you have trust in what’s happening in your environment, you can quickly zero in on the highest risk vulnerabilities and exposures to focus on the most critical assets that need attention.”

Rapid7 also announced the first two solutions on the Command Platform: Exposure Command, which helps organisations detect and prioritise exposures from endpoint to cloud, and Surface Command, designed to discover and provide deep visibility into the assets that the security team is responsible for protecting across their internal and external attack surface. Surface Command is included with Exposure Command.

Exposure Command

Exposure Command enables security operations teams to enrich continuous attack surface monitoring with deep environmental context and automated risk scoring to identify and remediate ‘toxic combinations.’ It also allows them to understand asset posture and ownership, enforce compliance with internal policies, industry best practices and regulatory frameworks across hybrid environments, and use actionable feedback to avoid cloud risk before it reaches production. With Exposure Command, organisations can:

  • Detect and remediate vulnerabilities across a hybrid environment: Continuously assess the entire environment for vulnerabilities and prioritise response based on the likelihood and potential impact of an exploit with purpose-built data collection approaches for cloud and on-prem environments.
  • Enforce organisational standards and compliance policies: Track adherence to organisational policies and regulatory standards with more than 50 compliance packs and thousands of security policy checks. Security operations teams can also notify relevant stakeholders and leverage native automation to enforce compliance at scale.
  • Shift cloud security and compliance checks left, earlier in the development lifecycle: Leverage Infrastructure as Code (IaC) scanning capabilities to implement the same security and compliance checks used in production earlier on in the continuous integration and continuous deployment (CI/CD) pipelines, identifying potential misconfigurations and non-compliant resources before they’re ever provisioned.
  • Monitor effective access and permissions across all clouds: Continuously track accounts and their effective access across the organisation, flagging overly-permissive roles, the potential for privilege escalation and automatically enforcing least privilege access (LPA) policies at scale.
  • Identify paths for lateral movement across cloud environments: Attack path analysis enables teams to visualise the relationships between interconnected cloud resources and uncover the potential for attackers to move laterally across the environment should they gain access to it.

Surface Command

Surface Command provides organisations with unified asset inventory – a more complete, vendor agnostic view of an organisation’s internal and external attack surface. Surface Command breaks down data silos by combining comprehensive external attack surface monitoring (EASM) with cyber asset attack surface management (CAASM) across hybrid environments to build a dynamic, 360-degree view of an organisation’s entire attack surface in one place.

Surface Command includes a library of more than 100 connectors feeding into Rapid7’s unified machine learning-driven correlation engine. Organisations can identify and mitigate exposures and potential threats with a risk-aware and adversary-driven view of their attack surface. This dynamic map of their digital estate from endpoint to cloud provides organisations with a holistic view of their attack surface. With Surface Command, organisations can:

  • Establish and maintain a single source of truth: Unify and correlate asset inventory and identities across internal tooling and cross reference findings against regular external scans to understand their attack surface and establish a single source of truth across teams.
  • Uncover assets lacking proper security controls: Use recurring scanning to spot gaps in security coverage where assets are missing controls – such as endpoint security agents and vulnerability scans – and to see which identities have admin access or are missing multifactor authentication (MFA).
  • Drive accountability across teams: Understand asset ownership and drive accountability when compliance standards aren’t met, giving security and governance, risk, and compliance (GRC) teams clarity around which stakeholders to engage when remediation actions are required.
  • Provide full context to incident responders: Security analysts can more effectively prioritise ongoing threats by having asset, vulnerability, and security control context in one place to make decisions. They can also enable organisation-wide threat hunts based on known asset information and tactics, techniques, and procedures (TTPs).
  • Detect shadow IT and ungoverned use of IT resources: Identify unknown users and assets connected to the network with necessary context to understand the relative risk and necessary remediation steps.
  • Augment configuration management database (CMDB) tools and assist with asset lifecycle management: Track technology adoption across the organisation and leverage powerful native querying capabilities to gain deep insight, including if assets are still active, who owns them, and when they were last updated or modified.

Surface Command and Exposure Command are priced based on the average number of assets monitored across an environment. Exposure Command comes in two tiers, depending on an organisation’s level of cloud maturity, both of which include Surface Command.