Rapid7, Inc. (NASDAQ: RPD), a leading provider of security analytics and automation, today announced that Network Traffic Analysis (NTA) is now available in InsightIDR, the company’s market-leading Security Information and Event Management (SIEM) solution. This is the first of several new capabilities Rapid7 will introduce that leverage technology acquired when the company purchased Galway-based Netfort in 2019.
For security operations, detecting and responding to potential attacks has become increasingly complicated as organizations shift to the cloud and attack surfaces expand. Network Traffic Analysis gives security operations greater visibility into user and device activity across the network. Armed with increased device and network activity data, along with valuable user, log, cloud, and endpoint data in InsightIDR, security operations can now detect threats earlier and with more reliability while also speeding investigations.
This advancement comes on the heels of Rapid7's InsightIDR being named a Leader in Gartner’s 2020 Magic Quadrant for Security Information and Event Management (SIEM). In the report, InsightIDR was recognized for its ease of deployment, ease of use, and strong return on investment.
“Network traffic analysis is an important capability for our customers because it gives security teams even greater visibility across the attack surface,” said Richard Perkett, senior vice president, detection and response at Rapid7. “By bringing NTA to InsightIDR and our Managed Detection and Response service, customers can shine a light on even the darkest parts of their network and have a single, clear view of their critical security data in one place.”
In addition to delivering a single hub for diverse security data sets, Rapid7’s approach to NTA is unique and differentiated for three reasons.
Lightweight Insight Network Sensor: There's no dedicated hardware appliance required to capture network data; instead, lightweight software is installed on a virtual machine or host, providing flexible deployment and data capture. The sensor passively captures traffic through a traffic mirror, causing no disruption to network performance.
Proprietary Deep Packet Inspection (DPI) Engine: InsightIDR's NTA leverages a proprietary Deep Packet Inspection (DPI) engine to capture raw network traffic flows, extracting rich metadata. This approach drastically reduces data volume but retains the critical data ideal for investigations, deeper forensic activities, and custom rule creation.
Expert Curation of Alerts: Rapid7's Managed Detection and Response (MDR) team curates a library of the most critical Intrusion Detection System (IDS) alerts for teams to focus on, helping cut down on noise and increase analysts’ confidence in taking action.
Customers that rely on Rapid7's Managed Detection and Response services will also benefit from the NTA capabilities in InsightIDR. Jeremiah Dewery, Vice President of Managed Services at Rapid7, commented: “Bringing NTA capabilities to InsightIDR gives the analysts in our security operations center a vital layer of coverage to help us detect, investigate, and respond to incidents more quickly for our customers.”
To learn more about Rapid7's NTA capabilities, please try the NTA demo.
Rapid7 (Nasdaq: RPD) is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,000 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. For more information, visit our website, check out our blog, or follow us on LinkedIn.