Rapid7 MDR Excels in All New MITRE Engenuity ATT&CK Evaluations of Threat-Informed Defense Capabilities

Inaugural MITRE Engenuity Managed Services Evaluation showcases Rapid7’s strong detection coverage, comprehensive reporting, and detailed communications

Boston, MA — November 9, 2022

Rapid7, Inc. (Nasdaq: RPD), a leader in cloud risk and threat detection, today announced the final results of the 2022 MITRE Engenuity ATT&CK® Evaluations of Rapid7 managed detection and response (MDR) services. In the simulated incident, Rapid7 MDR demonstrated early detection of threats, complete coverage across the cyber attack chain, and the artifacts collected highlighted rich reporting and engagement throughout.

This round of independent ATT&CK Evaluations for security service providers emulated the OilRig threat group. According to MITRE Engenuity, OilRig “was chosen based on its evasion and persistence techniques, its complexity, and its relevancy to industry.” Rapid7 MDR excelled at identifying the earliest indicators of attack, having reported techniques across all 10 steps of the attack simulation.

“Cybersecurity professionals and industry stakeholders rely on MITRE Engenuity ATT&CK Evaluations to benchmark vendors’ efficacy and effectiveness for advanced attack detection in real-world scenarios,” said Jeremiah Dewey, Senior Vice President of Managed Services Delivery, Rapid7. “We are thrilled to participate in this first-ever evaluation of managed services, as it gives a wider audience visibility into how a real-world incident plays out with Rapid7 MDR."

“More than half of organizations use security service providers to protect their data and networks. We wanted to research how they are employing threat-informed defense practices for their clients,” said Ashwin Radhakrishnan, acting General Manager of ATT&CK Evaluations at MITRE Engenuity.

Rapid7 MDR blends the necessary people, expertise, processes, and technology to rapidly detect, analyze, investigate, validate, and respond to threats across the modern environment – endpoint, network, application, and cloud services layers. Through this service, Rapid7 serves as a true partner throughout the incident lifecycle, driving end-to-end recommendations and results.

A Rapid7 differentiator is its combined Incident Response consulting team and MDR SOC, which ensures that all MDR customers receive the same high-caliber digital forensics and incident response (DFIR) expertise as a core service capability. This single, integrated team of detection and response experts works together to execute on every type of attack scenario, from a minor breach like a phishing email with an attached maldoc, to a major targeted breach involving multiple endpoints compromised by an advanced attacker.

“Even with the best technology in place, Defenders need support to remain vigilant against the latest attacker tactics, techniques, and procedures,” said Dewey. “Rapid7 MDR provides early, comprehensive detection across the modern environment, and end-to-end partnership throughout the incident lifecycle to drive our customers’ security success.”

To learn more about Rapid7 MDR and how it performed in the MITRE ATT&CK Evaluation for security service providers, visit the Rapid7 blog.

About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org

For full results and more information about the MITRE evaluations, please visit: https://attackevals.mitre-engenuity.org/managed-services/.

About Rapid7
Rapid7, Inc. (Nasdaq: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 10,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or Twitter.


Rapid7 Investor Relations

Sunil Shah

Vice President, Investor Relations

+1 857—990—4074

investors@rapid7.com

Rapid7 Media Relations

Caitlin O'Connor

Senior Public Relations Manager

+1 857—990—4240

press@rapid7.com