Last updated at Mon, 28 Oct 2019 16:55:14 GMT
Rapid7 UserInsight features a new interactive incident timeline, which enables you to quickly understand the context of an incident, determine what happened, and prioritize the appropriate response. With the new capabilities, incident responders can identify indicators of compromise and map a possible attack by correlating events such as authentications, IPS alerts, and vulnerabilities across users, assets and IP addresses. UserInsight is the only user behavior analytics solution to provide detection and investigative capabilities for malicious user activity on the network, endpoints, mobile devices, and in the cloud. Now, with its new interactive incident timeline, you can find and contain these attacks even faster.
The new interactive incident timeline uniquely enables you to:
- Identify the impact of an incident with interactive visualization of users and assets
- Accelerate response with instant search of months or years of security data
- Plan containment and streamline communication with a timeline of all associated events
Identify incident impact with interactive visualization of users and assets
The primary goal of incident investigation is to quickly assess impact on the organization to make decisions on how to contain an incident. Because users are the primary vector of modern attacks, getting visibility into user activity is critical. However, correlating user activity across endpoints, network devices, and cloud services can be especially challenging.
UserInsight's new interactive incident timeline greatly reduces research time by providing instant access to all user activities and asset details. UserInsight is the only user behavior analytics solution to provide investigative capabilities for user activity on the network, endpoints, mobile devices, and in the cloud. You can quickly sift through events in a graphical interface, accelerating investigations.
Accelerate response with instant search of long-term security data
Most organizations using SIEM or log management solutions can only afford to keep data in searchable storage for 30 days. Investigating incidents that reach further back in time often requires loading data from tape archives, which can considerably slow down an investigation. Having all security data immediately available is critical because, even with sophisticated detection techniques, some advanced threats may remain hidden for months or even years. Security teams must be able to review user activity over the entire length of the incident, which is beyond the capability of many existing tools.
UserInsight's new interactive incident timeline can search data back to the first day of its deployment. Because UserInsight is built on secure cloud storage, keeping data searchable long-term incurs no additional storage or maintenance cost for subscribers.
Plan containment and streamline communication with a timeline of all associated events
Once all data relating to an incident has been collected, incident responders still have to manually write a report to communicate to their peers and top management about what happened. Information security teams often rely on generic tools such as ticketing systems and text editors to document findings related to an incident, which results in inconsistent and slower reporting.
UserInsight is the only user behavior analytics solution that enables you to effortlessly map incident investigation findings on an interactive timeline as you sift through data. The final report helps you clearly and quickly communicate incident context and impact to others involved in the containment and remediation process.
UserInsight's interactive incident timeline is available now
UserInsight's new interactive incident timeline is immediately available. To learn more about how it can help you, please join the free webcast "When Every Minute Counts: Accelerating Incident Investigations". If you'd like to get a broader overview of UserInsight's capabilities, please schedule a free guided tour of UserInsight.