Ray White: A quick trip from SIEM RFP to “the revelation we didn’t know we needed”

Ray White Group is a multi-national real estate and property investment group operating throughout Australia, New Zealand, Indonesia and Hong Kong. 

Its security team protects company interests that span from private equity to hotel partners to 1000+ offices and 25,000 franchisees. It was running a well-known SIEM, Splunk.

Automation was technically possible with Splunk, but carried significant overhead. Ray White Group had a lean, seven-person security team supported by external providers. A more powerful SIEM at a lower cost would be the answer.

MDR: from added benefit to a high-impact, high-value strategy shift

Rapid7 was among the SIEM solutions the team evaluated. Our original strengths? Transparent pricing, a streamlined platform, and lower overhead. But it was the inclusion of SIEM in managed detection and response (MDR) that completely shifted the company’s security strategy. 

“MDR wasn’t something we were initially looking for—it was just part of the deal. But it turned out to be the most valuable piece,” Jacob explained. “It was a revelation.” His colleague Clint Walters had previous experience working with Rapid7: “We don't want to be taking calls at 12 o'clock, one o'clock, two o'clock at night like we previously were.”

Clint Walters focuses on IT security for Ray White Corporate and its 1000 franchise offices. He points to a key relationship with AWS that Rapid7 also has. “Being able to procure via the AWS marketplace has really sped up the ability to order or trial a product for us,” said Walters. “Once we've got approvals, it takes around 15 minutes to run up one of the new Rapid7 products and test it out.”

Security teams have to keep score; the wins were big and across the board

Always-on 24/7 coverage through a single subscription to Managed Threat Complete changed everything. The company once simply accepted the risk of not having out-of-hours coverage – and this was just the start of a new day.

• Significant Cost Savings: This was a case study in “more for less,” even before factoring in time or productivity savings.
• Improved Threat Visibility: With Threat Command, Ray White Group gained insight into external risks across social media and the dark web—a major win for a company with tens of thousands of public-facing accounts.
• Operational Efficiency: Alert fatigue was eliminated, and analyst time was reallocated to strategic initiatives and internal engagement.
• Enhanced Credibility: Security improvements earned respect both internally at the board level and externally among agents. “It gave us more street cred” Jacob said. “Now we have that coverage, our analysts are free to focus on proactive work rather than being buried in alerts.” Jacob said.

More and better 24/7 decisions without escalation (so sleep well)

Rapid 7 integrates multiple data sources via a single agent. According to Jacob, this level of telemetry is crucial for getting the full value out of any MDR solution. “The more visibility MDR has into your environment, the better decisions they can make without escalating everything to you. Rapid7 made that simple.”

Though Jacob was already confident in Rapid7’s core capabilities, the added value from services like Managed Threat Complete and Threat Command was a welcome—and transformative —surprise. The cybersecurity investment paid for itself many times over. “It started as a cost-saving project, but what we got was a full-spectrum security platform”

“Now we're implementing tools that would've been impossible to think of 12 months ago”

With fire-fighting days over, Walters is documenting improvement across the entire security team every month. And it’s the people at Rapid7 who get his highest marks. “These guys, they actually really care. They've got your back. It's not just they sell a product into your organization and that's the last you hear of 'em. They're on my Slack feed. We're talking all the time.”

Revelations Rapid7 is here for that.