UserInsight: Radar for Deception-Based Attacks
Detect and investigate malicious and compromised users with UserInsight
Thanks to an unmatched understanding of the attacker mindset, Rapid7 developed UserInsight to detect and investigate attacks targeted at users.
UserInsight enables security teams to:
Learn More About Userinsight
- Detect attacks targeted at users
- Accelerate incident investigation by tying incidents to users and providing the underlying user behavior
- Simplify the discovery of risky user behavior within the firewall, cloud services, and mobile environments
Are attacks on the network going unnoticed?
Users are the most vulnerable part of the network, as attackers have shifted from brute-force to deception-based attacks targeted at users.
76% of attacks involved compromised user credentials
66% of breaches remain undiscovered for 6 months+
Verizon 2013 DBIR
These attack methodologies make the attacks harder to detect and allow attackers to remain undiscovered for a longer period of time.
We at Rapid7 developed UserInsight to detect an attacker's entry and lateral movement within the network without the need to build rules and manually parse data logs.
Are you losing valuable time investigating and containing incidents?
We built UserInsight to speed up incident investigation while also reducing false positives.
86% of security professionals claim incident detection is too lengthy
74% of security professionals claim incident investigation solutions lack integration with existing security products
Ponemon Institute LLC, 2014
By uniquely tying incidents to users, UserInsight cuts investigation time from hours to minutes and provides visibility into user behavior before and after a breach.In addition, in order to fully contain a breach, security teams also need to know if other users have been involved.
After an incident, UserInsight also tells you about other users, assets, endpoints, and cloud services that may have been involved.
With this information, you'll empower security teams to quickly investigate and contain the incident.
How do you discover risky user behavior within the firewall, cloud services, and mobile devices?
It's a challenge for security teams to keep an eye on all user activity, including identifying policy violations, account misuse, and data transfer to the cloud.
75% of organizations use cloud services
80% of organizations have BYOD deployedRapid7 customer survey
UserInsight simplifies the discovery of risky user behavior within the firewall, on cloud services, and in mobile environments.