Last updated at Wed, 03 Jan 2024 21:43:14 GMT

Rapid7 is excited to announce that InsightIDR, our security information and event management (SIEM) offering, is now available for purchase in AWS Marketplace. InsightIDR provides comprehensive threat detection and response for modern environments that may span multiple clouds, as well as on-premises and remote assets. Now, not only does InsightIDR help monitor AWS customers’ cloud environments, but they can streamline their purchase through AWS Marketplace.

Why purchase through AWS Marketplace?

In case you’re unfamiliar with it, AWS Marketplace is a curated digital catalog that helps customers find, buy, and immediately start using third-party software and services that
run on AWS. Benefits of purchasing software like InsightIDR through AWS Marketplace include:

  • Consolidated billing: Marketplace purchases show up as a line item on your AWS invoice. For many organizations, this means there’s no need to go through the normal procurement hoops that accompany purchasing software from a new vendor.
  • Retire commitment: Organizations that participate in AWS' Enterprise Discount Program (EDP) can count Marketplace purchases against their annual commitment. For teams with a limited budget, this can mean the ability to purchase software that otherwise would not be feasible, as funds that are earmarked for AWS might be able to be used for Marketplace purchases as well.
  • Support for custom terms and pricing: While our InsightIDR listing on Marketplace only provides pricing for up to 2,000 assets, we can support purchases of any size through Marketplace. We can also support deals with custom terms and pricing, where applicable. For more information, please speak to the Rapid7 sales team.

Why should AWS customers consider InsightIDR?

Many organizations migrating to AWS currently have a legacy SIEM or intrusion detection system (IDS) that isn’t designed to support cloud infrastructure. Others may not yet have a SIEM, but recognize the need for this technology as their IT footprint grows. In the world of traditional SIEMs, standing up this technology generally takes several months of work. Too often, these organizations end up keeping their legacy SIEM to monitor on-premises assets and use a separate solution to monitor the security of their AWS workloads. This is less than ideal, as the organization has no way to get a complete picture of their hybrid environment, increasing the likelihood that there are unseen gaps a malicious actor could exploit.

Unlike legacy SIEMs, InsightIDR is cloud-based and designed to support today’s complicated hybrid IT environments. It can combine data from AWS CloudTrail, GuardDuty, CloudWatch, S3, EC2, VPC, and DNS logs with data from other cloud services, on-premises networks, and remote endpoints. With InsightIDR, you are able to get the complete picture of your hybrid environment using one tool.

Unlike most other modern SIEMs, InsightIDR is fast and easy to deploy. InsightIDR has achieved standout marks around deployment in Gartner Peer Insight reviews due to its lightweight cloud hosting and Insight Agent deployment, intuitive and prescriptive event source configuration, quick configuration options, and growing library of 900+ out-of-the-box detections tuned via insights from the Rapid7 community and our own Managed Detection and Response team. Instead of writing rules or spending months configuring sources, customers get visibility across diverse environments right away and have robust threat detection across their infrastructure on Day 1.

InsightIDR detects suspicious activity using a combination of User Behavior Analytics (UBA), which looks for suspicious behavior like a user logging in from two different parts of the world, and Attacker Behavior Analytics (ABA), which looks for known indicators of an attack such as PowerShell exploits. By using both UBA and ABA, InsightIDR is able to increase the likelihood of detecting malicious activity while decreasing false alarms.

InsightIDR also includes AWS-specific capabilities such as the ability to detect the use of new regions, services, and compute instances. To learn more about how InsightIDR supports threat detection and response in AWS environments, check out this blog post or the InsightIDR product page.

Getting started

If you’re interested in purchasing InsightIDR using AWS Marketplace, you can check out the listing here. If you’re interested in purchasing InsightIDR via Marketplace but want to explore custom terms and/or pricing, please reach out to our sales team.