Last updated at Mon, 17 Aug 2020 13:27:53 GMT

Block the spread of malware and prevent lateral movement with Rapid7 Insight Agent Quarantine from InsightConnect

Rapid7’s Insight Agent is lightweight software you can easily install on any asset—in the cloud or on-premises—to collect data from across your security and IT environment. This agent is used across InsightVM, InsightIDR, InsightOps, and related managed services to give teams real-time visibility into diverse endpoints and to detect the risks that may exist on those endpoints.

While the Insight Agent can seamlessly quarantine endpoints, by integrating the Agent’s powers within your InsightConnect workflows, you can now leverage automation to stop the spread of malware and attackers in their tracks by isolating them from the rest of the network in seconds.
Harness the capabilities of the Insight Platform backed by automation through InsightConnect—Rapid7’s security orchestration, automation, and response solution—to detect and respond to threats in seconds by quarantining assets with the Insight Agent.

Protect endpoints with automation

Attackers often target endpoints as a way to gain entry into an organization’s internal network. In today’s work-from-home environment, our workstations are with us wherever we are, and this means we’re connecting to the corporate VPN over many untrusted networks, especially our homes. Every device connected to an organization’s network is a potential vector for attack, and once a single system is affected, time is of the essence before more hosts or even an entire network can be compromised. Leveraging InsightConnect, security teams can respond faster and more efficiently to protect their assets.

Respond to threats quickly and reliably with automation

The Insight Agent plugin for InsightConnect allows teams to build an arsenal of powerful InsightConnect automations that can quickly and easily quarantine compromised hosts to effectively isolate the host from the network, which will prevent the spread of malware or stop lateral movement from an attacker.

By combining the powers of InsightConnect and the Insight Agent, you can seamlessly quarantine or unquarantine endpoints from an InsightIDR alert, using the InsightVM plugin, or from external events by connecting your third-party tools.

Get up and running quickly with the Insight Agent plugin

Rapid7’s Insight solutions are committed to providing some of the best deployment times in the industry, and this commitment to immediate value continues with the Insight Agent and InsightConnect. Existing Insight customers can easily deploy a built-in agent in their environment to monitor assets. And now, with InsightConnect, quickly quarantining endpoints based on alert data becomes as simple as importing a pre-built workflow or creating a custom workflow from scratch that meets your organization’s needs.

Reduce complexity with the Rapid7 Platform

With InsightConnect, you can now leverage the Insight Agent integration to fully automate or semi-automate (with human decisions points) your response processes for InsightVM, InsightOps, InsightIDR, and related managed services. You can also create your own automation workflows from scratch to streamline manual processes, speed up response time, and improve accuracy. In addition, InsightConnect provides pre-built workflow templates with both InsightIDR and InsightVM that can be imported with one click using the Rapid7 Extension Library.

Learn more about InsightConnect and how you can automate security operations

Get Started