Visual Timeline for Every Alert

For every alert generated in InsightIDR, a timeline filled with user and asset context is automatically built out. In this case, we don't know which user authenticated on the asset – only that remote file execution was detected. We have a few options from here. We'll start with the Evidence tab for more context, and then take a closer look at the running processes on the asset.

3 of 6

Detect Common Attacker Behavior

InsightIDR can detect the use of Meterpreter, along with many other stealthy tools and techniques that exploit system vulnerabilities.

Bring Multiple Types of Data to the Investigation

In addition to what is pre-populated for each alert, you can query your endpoints in real time, and search across network data and raw logs.


Contact Us

We're happy to answer any questions you may have about Rapid7