Last updated at Tue, 01 Dec 2020 20:08:42 GMT
At Rapid7, we recognize that security professionals are facing a more challenging landscape than ever before. The mission of InsightIDR—our natively cloud SIEM—is to remove the drudgery and operational burdens associated with traditional approaches, and drive efficient, effective detection and response across modern environments.
But we know that the complexity of detection and response isn’t limited to the work itself. For SOCs looking for new technologies and partners, navigating this crowded marketplace can be challenging and confusing. To help buyers navigate this industry and its hundreds of players, Forrester has evaluated the top eleven security analytics platform providers to provide context on their current offerings and strategy. We are thrilled to share that Rapid7 has been included in this report and recognized as a Strong Performer in The Forrester Wave™: Security Analytics Platforms, Q4 2020. Per Forrester’s Now Tech: Security Analytics Platforms, Q3 2020 report, “A security analytics (SA) platform is built on big data infrastructure, converging logs from network, identity, endpoint, application, and other security relevant sources to generate high-fidelity behavioral alerts and facilitate rapid incident analysis, investigation, and response.” This would include security information and event management (SIEM) technology.
“Small and midsize enterprises as well as larger, resource-constrained enterprises looking for a SaaS-based SA solution should consider Rapid7.” - The Forrester Wave™: Security Analytics Platforms, Q4 2020.
As we approach the end of 2020, and reflect on the previous year, recognition like this Wave report has helped energize our team and provided what we believe is affirmation that we are on the right track. We attribute this recognition to a relentless commitment and focus on our customers. According to The Forrester Wave, “Customers reference feedback indicates ease of deployment and operation as strengths,” and we know from talking to customers that almost all teams are resource-constrained right now. In fact, many of the events of 2020 have widened this gap between growing security needs, and the resources and bandwidth available to do it all. We want to help security teams close that gap, and drive effective, efficient detection and response.
InsightIDR: Helping security teams focus on what matters most
Other than attackers themselves, the number one risk to security teams is the distractions that make it impossible to recognize and respond to real threats. For many teams, distractions and complexity are on the rise. As we explored in the most recent installment of our Security Planning blog series, teams are stretched: often wearing many hats and scrambling to keep pace with rapidly changing environments, while more attackers are taking advantage.
Unfortunately, many traditional SIEMs designed to help teams get a handle on recognizing these threats often end up adding to the complexity. Traditional and natively on-premises solutions come with a significant operational cost: teams must manage these deployments, configure and maintain rules, manage storage and hardware, and fine-tune systems to meet their needs. This traditional approach to SIEM is no longer just demanding; it makes it impossible to be successful within the current climate and security landscape. As this Forrester Wave report makes clear: “The future of security analytics is in the cloud.”
InsightIDR, our natively SaaS SIEM, has been built in the cloud from the ground up to ensure teams have the flexibility, analytics power, and scale necessary to be successful in modern environments. As teams seek solutions to combat complexity and resource deficiencies, InsightIDR offers a unique approach and focus on driving efficiency and ROI for customers.
This approach includes:
- Unmatched time to value. In our Total Economic Impact (TEI) Study with Forrester Consulting earlier this year, InsightIDR customers are up and running 4.7x faster than with their previous SIEM. Not only does our SaaS deployment mean teams are stood up faster, but they also have no hardware or updates to manage, and benefit from new content, features, and capabilities as soon as they are available.
- Instant visibility across modern environments. The Wave notes, “Rapid7 combines multiple security capabilities in the cloud” with InsightIDR, which we take as a huge component of the efficiency we deliver. Via our lightweight collectors, agent, and network sensor, customers have instant visibility across diverse modern environments, including remote and on-premises endpoints, users, network traffic, cloud, web applications, and more. This comprehensive coverage eliminates blind spots, and reduces incident management effort by 38%, per the TEI study.
- Infused expertise to respond quickly and confidently. InsightIDR comes with a rich library of detections out of the box - no fine-tuning or arduous rule creation required up front by analysts. This library is managed and curated by Rapid7’s MDR SOC team, and leverages insights from across the Rapid7 threat intelligence network and our own services engagements. This built-in expertise results in 27% fewer false positives for customers compared to their previous SIEMs (source: The Total Economic Impact™ Of Rapid7 InsightIDR, a commissioned study conducted by Forrester Consulting on behalf of Rapid7).
- Correlation and automation to accelerate response. InsightIDR’s attribution engine tracks users and assets as they move around the network, automatically enriching every log with user and asset details. We don’t just ingest data and let teams figure out what to do with it. InsightIDR correlates and analyzes data across diverse sources to provide complete, high-context investigations, and provides automation capabilities to take action right from the console. As a result, InsightIDR customers respond to incidents in a third of the time compared to their previous SIEM.
We are committed to making it possible for customers to achieve sophisticated security outcomes with less time and fewer hurdles, and you’ll continue to see us invest here in the coming year. Thank you to our customers for taking this journey with us and for your continued feedback and partnership. We are looking forward to what’s next and excited to share more soon. Stay tuned!