Rapid7 Launches Incident Response Services to Help Organizations Respond Confidently to Advanced Attacks


Boston, MA — March 3, 2015

Rapid7, a leading provider of security data and analytics software and services, today announced the general availability of Incident Response and Incident Response Program Development Services to help organizations improve their preparation and response to advanced attacks. The newly-launched services empower security teams to dramatically shorten their time to respond, investigate, and remediate a breach. Additionally, Rapid7's Incident Response Program Development services help teams to optimize their approach to planning for security incidents. Both service offerings are driven by industry veterans with more than 15 years of experience in managing response activities for organizations of all sizes and industries.

"Security teams face a motivated and nimble attacker and every team has to prepare for the possibility of a breach," said Nicholas J. Percoco, vice president of Strategic Services at Rapid7. "Rapid7's Incident Response Services can help organizations prepare with an appropriate plan, and respond with the help of world-class industry experts."

Recent studies have shown that the number of attacks has increased by 48% since 20131, yet 78% of companies do not have recently-reviewed security and incident response programs2. Frequently, organizations discover during attacks that they have dated investments in technology, an insufficient number of trained staff, and a response plan which has never been practiced. Further, managing incident response to ensure that the attackers are removed and the damage is assessed is also complicated by the maze of regulatory requirements and breach notification laws. Rapid7's Incident Response Program Development and Incident Response Services offerings help customers to plan and execute a precise, timely, and accurate response with the benefit of world-class experts.

The newly created Incident Response division is part of the Strategic Services organization driven by renowned information security leader, Nicholas J. Percoco, who previously built and ran Trustwave's SpiderLabs. The Incident Response group is led by Wade Woolwine, a veteran of Mandiant's Managed Defense business unit, where his team was responsible for delivering all incident response activities, performing intelligence management, systems/technology integration, and research and development on new threat detection and incident response techniques. Wade also served as a threat detection and incident response analyst in a number of different government agencies. The Incident Responders team is led by Mike Scutt, an expert on Windows forensics, malware analysis, and incident response.

Incident Response Program Development

1 2015 PWC Global State of Information Security;
2 Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness; 78% stat is a combination of "No Set Time for reviewing and updating the plan" and "We have not reviewed or updated the plan since it was put in place."

Effective response planning can help an organization to be more proficient at threat detection and increase readiness to respond to security incidents. Incident Response Program Development starts with a detailed evaluation of the current state of an organization's threat detection and incident response program against Rapid7's best practices and understanding of current attacker methodology. The resulting scorecard provides the foundation for creating a new incident response plan that includes guidance on preparation, anomalous behavior detection, incident management, technical response, and communications plans. To reinforce the guidance, Rapid7 experts perform threat simulation sessions where the incident response team works through real breach scenarios, coordinate technical response activities, identify key sources of evidence, perform mock communications, and make recommendations for customers to prioritize cleanup and recovery. At the end of the engagement, organizations have the foundation for a sustainable investment across all three critical vectors of people, processes, and technology to minimize exposure in the event of a breach.

Incident Response Services

When a security incident occurs, speed is of the essence. Rapid7 Incident Response Services gives customers access to the critical expertise and technology needed to accelerate incident investigation and containment. The Rapid7 Incident Response team is composed of industry-leading experts with an average of 15 years of experience investigating breaches of all sizes and across many industries. The teams have extensive experience in network analysis, forensics, and malware analysis, and are assisted by Rapid7's unique technology assets. Rapid7 teams will work with in-house teams to scope the incident and focus on identifying all attacker remote access capabilities, restoring prioritized business processes and systems, and securing all compromised user accounts.

To complement its world-class Incident Response Services, Rapid7 offers a retainer-based offering to ensure availability of resources to respond to breaches. Rapid7 goes beyond traditional retainers by delivering a threat readiness assessment where our experts evaluate key areas of threat detection and incident response capabilities and establish breach response processes. Additionally, Rapid7 offers customers the ability to convert a portion of their unused pre-purchased hours to drive improvements in any aspect of their security program.

Rapid7 Incident Response Program Development and Incident Response Services are available immediately. For more information, please contact info@rapid7.com.

About Rapid7

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 3,500 organizations across 78 countries, including 30% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.

Media Contact