Independent research firm cites Rapid7 MDR’s “security professionals with extensive incident response and threat hunting experience” delivering a “white-glove, behavioral detection-inspired” service.
Detection and response is a critical component to any security program, but standing up an effective program isn’t as straightforward as buying and implementing the latest security products. Without the right people and right process in place to leverage that technology, your business basically bought an expensive alarm system.
The challenge is, more security professionals are struggling to build that team. Increasing risk attacker frequency and complexity are leading to higher burnout in an industry with near zero unemployment. Now, more than ever, security teams are turning to MDR partners to buy effective security operations rather than build it.
In a recent survey of Rapid7’s MDR customers, the No. 1 challenge that influenced an MDR purchase was “too few security staff to manage the scope of their security program.” Over 83% of customers responded this was a core challenge to their security success before extending their team with Rapid7 MDR.
We started Rapid7’s Managed Services practice in 2016 for this exact reason: to help a subset of our InsightIDR customers that struggled with their program’s execution and consistency despite having the right technology in place.
Fast-forward five years later to 2021, and this problem still remains. But simply hiring an MDR provider won’t solve this challenge, either.
The truth is, not all MDR providers are equal. The blurred lines between traditional MSSPs masquerading as MDR vendors and more specialized, tactical-focused MDR services are making it difficult for buyers to navigate the marketplace.
Narrowing down a short list of vendors can be challenging and confusing, and evaluating solutions can feel like endless speed-dating when MDR services look and sound the same. Finding that perfect marriage? That can feel almost as daunting as finding a stealthy attacker.
To help buyers craft their shortlist among the industry’s many players, Forrester Research evaluated the Top 15 MDR providers to provide context on each provider’s current offering and strategy. We’re thrilled to share that Rapid7 has been included among these top vendors in the inaugural Forrester Wave™: Managed Detection and Response, Q1 2021 and recognized as a Strong Performer.
Forrester notes that Rapid7’s “security professionals with extensive incident response and threat hunting experience” deliver a service using a “white-glove, behavioral detection-inspired approach."
Coming on the heels of being named a ‘Leader’ in Forrester’s Q3 2020 Midsize MSSP Wave, we’re thrilled and believe that this recognition once again validates our team’s exceptional service delivery for our customers.
Our mission has always been to put our customers first with expert collaboration and clear direction. We’re here to stop threats across our customer’s enterprise environment and help them to focus on advancing their security programs. The recognition supports our vision and strategy. But in the spirit of Rapid7, we’re “never done” working towards helping our customers.
Forrester gave Rapid7 MDR the highest score possible in the Threat Hunting, Performance, and Product Vision criteria. Rapid7 was the only Strong Performer to receive the highest possible score in the Product Vision criterion, along with three vendors in the Leaders segment.
Additionally, Rapid7 scored the highest possible in the Market Presence category, boosted by Enterprise customer acquisition in 2020.
You can see the full evaluation and vendor comparison by accessing the report here.
Our take on the market
Cyber-threats continue to increase in frequency and sophistication. These attacks can look just like any other end user—96% of the time, to be exact. And with three out of every four incidents involving compromised user credentials, it’s no longer adequate to defend at the perimeter and implement security training with the hopes to stop advanced attacks.
Security programs need a defense in depth approach to spot attacks across the modern environment that extends past endpoint detection capabilities to include deep user and behavioral analytics, network traffic, and flow analysis. Without the combination of these sources, you’re at risk of missing the most malicious threats.
Challenges with security operations often stem from inconsistency and ineffectiveness at detecting and responding to threats. That’s where an end-to-end MDR provider like Rapid7 can help make sense of the data, understand what it means, and act on your behalf.
How Rapid7 MDR can help your enterprise
Forrester also acknowledges that MDR services must provide three specific benefits for their customers. Here’s how Rapid7 meets these requirements:
1. "Better detection than the customer could achieve on their own”
In the report, Forrester notes our leadership and SOC team is made up of “security professionals with extensive incident response and threat hunting experience” and including that our “security research and consulting legacy also adds substantial value” to the service.
The numbers speak for themselves. In a recent survey of Rapid7 MDR customers in March 2021, 81% of respondents improved the comprehensiveness of their detections by 69% after implementing Rapid7 MDR. Additionally, 60% of respondents surveyed said they improved mean time to detect (MTTD) by 67%!
Rapid7 MDR’s SOC analysts perform threat hunting across over 1.2 trillion events each week using our powerful InsightIDR technology and human expertise. Whether it’s 24x7 coverage or needing to detect and respond to dynamic threats, our team knows how to spot and respond to modern attackers.
2. “Rapid investigation to provide context as input into decision-making”
They don’t call us Rapid7 for nothing!
Our vision with MDR is to advance cybersecurity decision-making through expert collaboration for all. We built MDR from the ground up to help security teams of all sizes and experience levels strengthen their security posture, stay ahead of emerging threats, and stop attackers.
We’ll work with your team to strengthen your program—designed for your maturity level—with our team acting as an extension of your team providing the eyes, ears, and responders for your security team to defend against today’s threats.
We’ll monitor the environment, investigate and validate threats, take action, and provide additional recommendations to harden your systems. In a recent survey, customers told us they saved on average 42% of the time previously spent on investigation, validation, and analysis each week after implementing MDR with a 60% decrease in investigation duration.
3. "Expertise available to make faster, more accurate decisions on which response actions to choose"
As a strategic partner, we empower customers to access Rapid7’s experts and technology to extend their team. Rapid7 MDR provides teams with the resources and clear guidance needed to drive security operations at speed, scale, and transparency within their organizations—without sacrificing control. We look out for their security program as if it were our own.
Enterprise customers often cite Rapid7 as a key to minimize their risk and maximize their in-house resources. For example, customer Resimac’s initial assessment of the firm’s security posture two years ago revealed a maturity rating of 1.5/5. Using Rapid7, it has risen to between 2.5 and 3, accelerating efforts to deliver this uplift in maturity a year ahead of schedule.
Most importantly, Rapid7 MDR enables your team to focus on what matters most to you and your business. Rob Mihalek, Cybersecurity and Engineering Lead at Resimac, says, “Because of Rapid7, we can focus on the goals of the business rather than having to manage and plough through notifications, alerts, and problems found by security tools. Thanks to Rapid7, one thing we’ve not experienced is security fatigue.”
Check out the 10 things your MDR vendor must provide in their service or speak with one of our detection and response experts to see if Rapid7 MDR is right for you.